diff --git a/op/op.SetLanguage.php b/op/op.SetLanguage.php
index 9cb0b2d02..f9a2da8b8 100644
--- a/op/op.SetLanguage.php
+++ b/op/op.SetLanguage.php
@@ -31,5 +31,4 @@ include("../inc/inc.Authentication.php");
$session->setLanguage($_GET['lang']);
-header("Location: http".((isset($_SERVER['HTTPS']) && (strcmp($_SERVER['HTTPS'],'off')!=0)) ? "s" : "")."://".$_SERVER['HTTP_HOST'].$_GET['referer']);
-?>
+header("Location: http".((isset($_SERVER['HTTPS']) && (strcmp($_SERVER['HTTPS'],'off')!=0)) ? "s" : "")."://".$_SERVER['HTTP_HOST'].decryptData($settings->_encryptionKey, $_GET['referer']));
diff --git a/views/bootstrap/class.Bootstrap.php b/views/bootstrap/class.Bootstrap.php
index 017e213a1..a9bdcc62f 100644
--- a/views/bootstrap/class.Bootstrap.php
+++ b/views/bootstrap/class.Bootstrap.php
@@ -390,7 +390,7 @@ background-image: linear-gradient(to bottom, #882222, #111111);;
echo "";
else
echo "";
- echo "params['settings']->_httpRoot."op/op.SetLanguage.php?lang=".$currLang."&referer=".$_SERVER["REQUEST_URI"]."\">";
+ echo "params['settings']->_httpRoot."op/op.SetLanguage.php?lang=".$currLang."&referer=".urlencode(encryptData($this->params['settings']->_encryptionKey, $_SERVER["REQUEST_URI"]))."\">";
echo getMLText($currLang)."\n";
}
echo " \n";
diff --git a/views/bootstrap4/class.Bootstrap4.php b/views/bootstrap4/class.Bootstrap4.php
index 9e7c2fa64..843f11277 100644
--- a/views/bootstrap4/class.Bootstrap4.php
+++ b/views/bootstrap4/class.Bootstrap4.php
@@ -460,7 +460,7 @@ background-image: linear-gradient(to bottom, #882222, #111111);;
echo " params['settings']->_httpRoot."op/op.SetLanguage.php?lang=".$currLang."&referer=".$_SERVER["REQUEST_URI"]."\">";
+ echo " href=\"".$this->params['settings']->_httpRoot."op/op.SetLanguage.php?lang=".$currLang."&referer=".urlencode(encryptData($this->params['settings']->_encryptionKey, $_SERVER["REQUEST_URI"]))."\">";
echo getMLText($currLang)."\n";
}
echo " \n";