Comment to SECURITY ISSUE: %3f redirect
Ok, so we have a security issue. I am asking @Anton L @LeonidS @Alex T⚜️ to please provide a quick fix. I will explain.
Apache had a vulnerability. It was patched July 2024. My server would not allow redirects with ? urlencoded.
Apache error log:
Unsafe URL with %3f URL rewritten without UnsafeAllow3F
So, tracking this error, brought me to:
I was able to get a temporary fix by changing UNA .htaccess to:
RewriteRule ^(.+)$ r.php?_q=$1 [QSA,L,UnsafeAllow3F]
Now, the rewrite allows the %3f rewrite, but this is a security issue, and it should not be something set to the side.
We need to change where the URL encoding is done. Where is this handled for redirects? Which class or JS file? This fix works:
$url = rawurlencode(str_replace('?','?',$url));
Just need to know where the redirect is in code. Please reply ASAP.
Thank you!
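
The following is an added example, not part of the original post and not code from the UNA project: a small audit that lists every RewriteRule still carrying the UnsafeAllow3F workaround, plus rules of the same shape (captured request data substituted into a URL with a query string) that lack it, so the temporary flag can be tracked and removed once the URL generation is fixed. The function names, status labels and the sample .htaccess are constructed for illustration (only the fourth line is the rule quoted in the post), and the parsing is a simplified reading of mod_rewrite syntax.

```python
import re

TOKEN = re.compile(r'"(?:\\.|[^"\\])*"|\S+')   # quoted string or bare word
BACKREF = re.compile(r'[$%][0-9]')             # $N (rule) or %N (RewriteCond) capture

def parse_rule(line):
    """Return (pattern, substitution, flags) for a RewriteRule line, else None."""
    tokens = [t[1:-1] if len(t) > 1 and t.startswith('"') and t.endswith('"') else t
              for t in TOKEN.findall(line)]
    if len(tokens) < 3 or tokens[0].lower() != "rewriterule":
        return None
    flags = []
    if len(tokens) > 3 and tokens[3].startswith("[") and tokens[3].endswith("]"):
        flags = [f.strip().lower() for f in tokens[3][1:-1].split(",") if f.strip()]
    return tokens[1], tokens[2], flags

def audit_htaccess(text):
    """List rules that carry UnsafeAllow3F, or share the shape that needed it."""
    findings = []
    for lineno, raw in enumerate(text.splitlines(), start=1):
        line = raw.strip()
        if not line or line.startswith("#"):
            continue
        rule = parse_rule(line)
        if rule is None:
            continue
        _pattern, substitution, flags = rule
        if "unsafeallow3f" in flags:
            status = "workaround-enabled"          # the temporary fix from the post
        elif "?" in substitution and BACKREF.search(substitution):
            status = "query-rewrite-without-flag"  # same shape as the rule that logged the error
        else:
            continue
        findings.append({"line": lineno, "status": status,
                         "substitution": substitution, "flags": flags})
    return findings

# Constructed sample: the rule from the post plus made-up neighbours.
SAMPLE = """\
RewriteEngine On
# static assets need no rewrite
RewriteRule ^static/ - [L]
RewriteRule ^(.+)$ r.php?_q=$1 [QSA,L,UnsafeAllow3F]
RewriteRule ^old/(.+)$ legacy.php?page=$1 [QSA,L]
"""

if __name__ == "__main__":
    for f in audit_htaccess(SAMPLE):
        print(f"line {f['line']}: {f['status']} -> {f['substitution']} {f['flags']}")
```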