From f581ecc8055afce24c5122ae63e5dd2ecc4860e0 Mon Sep 17 00:00:00 2001
From: bjoern <r10s@b44t.com>
Date: Mon, 18 Apr 2022 17:21:33 +0200
Subject: [PATCH] url-safe id generation (#3231)

* test dc_create_id() for invalid characters

* create url-save ids (as documented)
---
 CHANGELOG.md    |  1 +
 src/dc_tools.rs | 14 +++++++++++++-
 2 files changed, 14 insertions(+), 1 deletion(-)

diff --git a/CHANGELOG.md b/CHANGELOG.md
index 7c53ba1c0..4fa0338b3 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -10,6 +10,7 @@
 
 - Take `delete_device_after` into account when calculating ephemeral loop timeout #3211
 - Fix a bug where a blocked contact could send a contact request #3218
+- Make sure, videochat-room-names are always URL-safe #3231
 
 ### Changes
 
diff --git a/src/dc_tools.rs b/src/dc_tools.rs
index 33f79fa0c..19dd19bcf 100644
--- a/src/dc_tools.rs
+++ b/src/dc_tools.rs
@@ -214,7 +214,10 @@ pub(crate) fn dc_create_id() -> String {
     rng.fill(&mut arr[..]);
 
     // Take 11 base64 characters containing 66 random bits.
-    base64::encode(&arr).chars().take(11).collect()
+    base64::encode_config(&arr, base64::URL_SAFE)
+        .chars()
+        .take(11)
+        .collect()
 }
 
 /// Function generates a Message-ID that can be used for a new outgoing message.
@@ -762,6 +765,15 @@ Hop: From: hq5.example.org; By: hq5.example.org; Date: Mon, 27 Dec 2021 11:21:22
         assert_eq!(buf.len(), 11);
     }
 
+    #[test]
+    fn test_dc_create_id_invalid_chars() {
+        for _ in 1..1000 {
+            let buf = dc_create_id();
+            assert!(!buf.contains('/')); // `/` must not be used to be URL-safe
+            assert!(!buf.contains('.')); // `.` is used as a delimiter when extracting grpid from Message-ID
+        }
+    }
+
     #[test]
     fn test_dc_extract_grpid_from_rfc724_mid() {
         // Should return None if we pass invalid mid