.gitea/workflows/sshupload.ps1

@@ -160,19 +160,8 @@ function Upload-ToSFTP {
         [string]$WinSCPExe
     )
     
-    # If password came URL-encoded (e.g., %23 for #), decode once
+    # Decode once if URL-encoded; we will pass plain password via -password switch (no extra encoding needed)
-    if ($Pass -match '%[0-9A-Fa-f]{2}') {
+    $decodedPassword = if ($Pass -match '%[0-9A-Fa-f]{2}') { [System.Net.WebUtility]::UrlDecode($Pass) } else { $Pass }
-        $Pass = [System.Net.WebUtility]::UrlDecode($Pass)
-    }
-
-    # Escape special characters in password that could break URL or WinSCP syntax
-    $escapedPassword = $Pass
-    $escapedPassword = $escapedPassword -replace '@', '%40'
-    $escapedPassword = $escapedPassword -replace ':', '%3A'
-    $escapedPassword = $escapedPassword -replace '#', '%23'
-    $escapedPassword = $escapedPassword -replace '\$', '%24'
-    $escapedPassword = $escapedPassword -replace '`', '%60'
-    $escapedPassword = $escapedPassword -replace '&', '%26'
     
     # Create temporary file paths BEFORE script content (needed for variable expansion)
     $timestamp = Get-Date -Format 'yyyyMMdd_HHmmss_fff'
@@ -193,8 +182,8 @@ option echo off
 option reconnecttime 3
 "@
     
-    # Add connection string with auto-accept of host key
+    # Add connection string with auto-accept of host key; pass password via -password to avoid URL encoding issues
-    $scriptContent += "`r`nopen sftp://$User`:$escapedPassword@$Server`:$PortNum -hostkey=`"*`"`r`n"
+    $scriptContent += "`r`nopen sftp://$User@$Server`:$PortNum/ -password=`"$decodedPassword`" -hostkey=`"*`"`r`n"
     # Try to clear remote folder by removing all .exe files (ignore if none exist)
     $scriptContent += "call rm -f $RemotePath/*.exe`r`n"
     

.gitea/workflows/windows.yaml

@@ -49,4 +49,4 @@ jobs:
             -RemoteFolderPath "${{ secrets.SSH_TARGET_DIR }}" `
             -ServerAddress "${{ secrets.SSH_HOST }}" `
             -Username "${{ secrets.SSH_USERNAME }}" `
-            -PasswordParam "${{ secrets.SSH_PASSWORD }}"
+            -PasswordParam '${{ secrets.SSH_PASSWORD }}'