Merge pull request #10435 from nextcloud/fix/note-about-encoding-in-login-flow

Add a note about encoding in login flow

developer_manual/client_apis/LoginFlow/index.rst

@@ -48,9 +48,13 @@ On the final login the server will do a redirect to a url of the following forma
 
 	nc://login/server:<server>&user:<loginname>&password:<password>
 
-* server: The address of the server to connect to. The server may specify a protocol (http or https). If no protocol is specified the client will assume https.
-* loginname: The username that the client must use to login. **Note:** Keep in mind that this is the loginname and could be different from the username. For example the email address could be used to login but not for generating the webdav URL. You could fetch the actual username from the OCS API endpoint :code:`<server>/ocs/v1.php/cloud/user`.
-* password: The password that the client must use to login and store securely
+* ``server``: The address of the server to connect to. The server may specify a protocol (http or https). If no protocol is specified the client will assume https.
+* ``loginname``: The username that the client must use to login. **Note:** Keep in mind that this is the loginname and could be different from the username. For example the email address could be used to login but not for generating the webdav URL. You could fetch the actual username from the OCS API endpoint ``<server>/ocs/v1.php/cloud/user``.
+* ``password``: The password that the client must use to login and store securely
+
+.. note::
+
+	``loginname`` and ``password`` are encoded by PHP's `urlencode <https://www.php.net/manual/en/function.urlencode.php>`_, which differs from `RFC 3986 <http://www.faqs.org/rfcs/rfc3986.html>`_. You may need to replace plus signs :code:`'+'` with spaces :code:`' '` before decoding.
 
 This information will be used by the client to create a new account.
 After this the webview is destroyed including all the state the webview holds.