Fixed: Unable to login when instance name contained brackets

src/Radarr.Http/Authentication/AuthenticationBuilderExtensions.cs

@@ -1,5 +1,6 @@
 using System;
-using System.Web;
+using System.Text.RegularExpressions;
+using Diacritical;
 using Microsoft.AspNetCore.Authentication;
 using Microsoft.AspNetCore.Authentication.Cookies;
 using Microsoft.Extensions.DependencyInjection;
@@ -10,6 +11,8 @@ namespace Radarr.Http.Authentication
 {
     public static class AuthenticationBuilderExtensions
     {
+        private static readonly Regex CookieNameRegex = new Regex(@"[^a-z0-9]+", RegexOptions.Compiled | RegexOptions.IgnoreCase);
+
         public static AuthenticationBuilder AddApiKey(this AuthenticationBuilder authenticationBuilder, string name, Action<ApiKeyAuthenticationOptions> options)
         {
             return authenticationBuilder.AddScheme<ApiKeyAuthenticationOptions, ApiKeyAuthenticationHandler>(name, options);
@@ -35,8 +38,10 @@ public static AuthenticationBuilder AddAppAuthentication(this IServiceCollection
             services.AddOptions<CookieAuthenticationOptions>(AuthenticationType.Forms.ToString())
                 .Configure<IConfigFileProvider>((options, configFileProvider) =>
                 {
-                    // Url Encode the cookie name to account for spaces or other invalid characters in the configured instance name
-                    var instanceName = HttpUtility.UrlEncode(configFileProvider.InstanceName);
+                    // Replace diacritics and replace non-word characters to ensure cookie name doesn't contain any valid URL characters not allowed in cookie names
+                    var instanceName = configFileProvider.InstanceName;
+                    instanceName = instanceName.RemoveDiacritics();
+                    instanceName = CookieNameRegex.Replace(instanceName, string.Empty);
 
                     options.Cookie.Name = $"{instanceName}Auth";
                     options.AccessDeniedPath = "/login?loginFailed=true";