Merge pull request #22840 from nextcloud/backport/22770/stable19

[stable19] Mitigate encoding issue with user principal uri

Author: MorrisJobke

apps/dav/lib/Connector/Sabre/Principal.php

@@ -168,7 +168,11 @@ public function getPrincipalByPath($path) {
 		}
 
 		if ($prefix === $this->principalPrefix) {
-			$user = $this->userManager->get($name);
+			// Depending on where it is called, it may happen that this function
+			// is called either with a urlencoded version of the name or with a non-urlencoded one.
+			// The urldecode function replaces %## and +, both of which are forbidden in usernames.
+			// Hence there can be no ambiguity here and it is safe to call urldecode on all usernames
+			$user = $this->userManager->get(urldecode($name));
 
 			if ($user !== null) {
 				return $this->userToPrincipal($user);