/

.gitea/workflows/sshupload.ps1

@@ -160,12 +160,13 @@ function Upload-ToSFTP {
         [string]$WinSCPExe
     )
     
-    # Password is already a plain string, use it directly
+    # If password came URL-encoded (e.g., %23 for #), decode once
-    $plainPassword = $Pass
+    if ($Pass -match '%[0-9A-Fa-f]{2}') {
+        $Pass = [System.Net.WebUtility]::UrlDecode($Pass)
+    }
 
     # Escape special characters in password that could break URL or WinSCP syntax
-    # Replace @ with %40, : with %3A, # with %23, $ with %24, & with %26
+    $escapedPassword = $Pass
-    $escapedPassword = $plainPassword
     $escapedPassword = $escapedPassword -replace '@', '%40'
     $escapedPassword = $escapedPassword -replace ':', '%3A'
     $escapedPassword = $escapedPassword -replace '#', '%23'