I've found a problem which I think is related.
If using a skin which includes the 'commands' at the bottom of the skin container in edit mode, you end up with double-escaping of Urls.
This doesn't affect the dnn6 drop-down 'manage' menu items, but rather the inline links that many containers use (generally containers written pre-dnn 6).
The problem can be demonstrated by using a page name that uses non-ascii characters (Forsíða is Icelandic for 'Home', for example).
If you use a module container that includes in-line links for commands (any of the minimal extropy containers from DNN 5, used in a dnn 6 install, will do), then set up a page that will encode the Url, you'll see the error in the popup-url.
The relevant code is this:
In the Html MOdule (HtmlModule.ascx.cs) we see this common code:
var Actions = new ModuleActionCollection();
Actions.Add(GetNextActionID(),
Localization.GetString(ModuleActionType.AddContent, LocalResourceFile),
ModuleActionType.AddContent,
"",
"",
EditUrl(),
false,
SecurityAccessLevel.Edit,
true,
false);
This adds an action to the menu. So far, so good. The EditUrl function contains a call down to the ModuleInstanceContext.cs NavigateUrl call - a wrapper around the base Common NavigateUrl call, but with this wrinkle:
// Making URLs call popups
if (PortalSettings.EnablePopUps)
{
if (!UIUtilities.IsLegacyUI(ModuleId, controlKey, PortalId) && (url.Contains("ctl")))
{
url = UrlUtils.PopUpUrl(url, null, PortalSettings, false, pageRedirect);
}
}
Now, you can see that the ModuleInstanceContext class is checking whether this is to be used in a Popup, and so is encoding the Url in the 'PopUpUrl' function. OK.
The problem then is compounded when it gets to the next part - displaying the container, which, again, is done in ModuleInstanceContext. Here, in the LoadActions() method, we find this call:
ModuleActionCollection moduleActions = actionable.ModuleActions;
foreach (ModuleAction action in moduleActions)
{
if (ModulePermissionController.HasModuleAccess(action.Secure, "CONTENT", Configuration))
{
if (String.IsNullOrEmpty(action.Icon))
{
action.Icon = "edit.gif";
}
if (action.ID > maxActionId)
{
maxActionId = action.ID;
}
_moduleSpecificActions.Actions.Add(action);
if (!UIUtilities.IsLegacyUI(ModuleId, action.ControlKey, PortalId) && action.Url.Contains("ctl"))
{
action.ClientScript = UrlUtils.PopUpUrl(action.Url, _moduleControl as Control, PortalSettings, true, false);
}
}
}
What we find here is that each of the module actions is iterated, and then, for the 'action.ClientScript' call, they're put through the PopUpUrl method again. When this is done, it comes across the first line in the PopUpUrl method again:
var popUpUrl = Uri.EscapeUriString(url);
Ending up with a double-escaped Url.
I'm not sure of the exact fix here, but if a module is encoding it's action Urls, it doesn't need to be done again. Either the encoding needs to be taken out of the module level, or the container level code needs to have a way of detecting that it doesn't get double-encoded.
I can open a gemini ticket on this one if it hasn't already been raised.