Manually decode URI parameters

Affects issues:
- Fixed #1444

Plan/api/src/main/java/com/djrapitops/plan/delivery/web/resolver/request/URIQuery.java

@@ -18,6 +18,9 @@ package com.djrapitops.plan.delivery.web.resolver.request;
 
 import org.apache.commons.lang3.StringUtils;
 
+import java.io.UnsupportedEncodingException;
+import java.net.URLDecoder;
+import java.nio.charset.StandardCharsets;
 import java.util.Collections;
 import java.util.HashMap;
 import java.util.Map;
@@ -53,7 +56,14 @@ public final class URIQuery {
             }
             String[] keyAndValue = StringUtils.split(kv, "=", 2);
             if (keyAndValue.length >= 2) {
-                parameters.put(keyAndValue[0], keyAndValue[1]);
+                try {
+                    parameters.put(
+                            URLDecoder.decode(keyAndValue[0], StandardCharsets.UTF_8.name()),
+                            URLDecoder.decode(keyAndValue[1], StandardCharsets.UTF_8.name())
+                    );
+                } catch (UnsupportedEncodingException e) {
+                    // If UTF-8 is unsupported, we have bigger problems
+                }
             }
         }
         return parameters;

Plan/common/src/main/java/com/djrapitops/plan/delivery/webserver/RequestHandler.java

@@ -64,7 +64,7 @@ public class RequestHandler implements HttpHandler {
     private final PluginLogger logger;
     private final ErrorHandler errorHandler;
 
-    private PassBruteForceGuard bruteForceGuard;
+    private final PassBruteForceGuard bruteForceGuard;
 
     @Inject
     RequestHandler(
@@ -146,7 +146,7 @@ public class RequestHandler implements HttpHandler {
     private Request buildRequest(HttpExchange exchange) {
         String requestMethod = exchange.getRequestMethod();
         URIPath path = new URIPath(exchange.getRequestURI().getPath());
-        URIQuery query = new URIQuery(exchange.getRequestURI().getQuery());
+        URIQuery query = new URIQuery(exchange.getRequestURI().getRawQuery());
         WebUser user = getWebUser(exchange);
         Map<String, String> headers = getRequestHeaders(exchange);
         return new Request(requestMethod, path, query, user, headers);

Plan/common/src/main/resources/assets/plan/web/login.html

@@ -203,7 +203,7 @@
         if (!password || password.length < 1) {
             return displayError('You need to specify a Password');
         }
-        jsonRequest(`./auth/login?user=${encodeURI(user)}&password=${encodeURI(password)}`, (json, error) => {
+        jsonRequest(`./auth/login?user=${encodeURIComponent(user)}&password=${encodeURIComponent(password)}`, (json, error) => {
             if (error) {
                 if (error.includes("HTTP 403")) {
                     location.reload();

Plan/common/src/main/resources/assets/plan/web/register.html

@@ -191,7 +191,7 @@
     }
 
     function checkIfRegistered(code) {
-        jsonRequest(`./auth/register?code=${encodeURI(code)}`, (json, error) => {
+        jsonRequest(`./auth/register?code=${encodeURIComponent(code)}`, (json, error) => {
             if (error) {
                 displayError('Checking registration status failed: ' + error)
             }
@@ -216,7 +216,7 @@
         if (!password || password.length < 1) {
             return displayError('You need to specify a Password');
         }
-        jsonRequest(`./auth/register?user=${encodeURI(user)}&password=${encodeURI(password)}`, (json, error) => {
+        jsonRequest(`./auth/register?user=${encodeURIComponent(user)}&password=${encodeURIComponent(password)}`, (json, error) => {
             if (error) {
                 return displayError('Registration failed: ' + error);
             }