Add Base32 validation, better URL entity decoding

www/views/addotp.html

@@ -55,6 +55,12 @@
 	    navigator.notification.alert("Missing secret key.", null, "Error", 'Dismiss');
 	    return;
 	}
+        key = key.toUpperCase();
+        /* Thanks to https://stackoverflow.com/a/27362880 for the regex */
+        if (!key.match(/^(?:[A-Z2-7]{8})*(?:[A-Z2-7]{2}={6}|[A-Z2-7]{4}={4}|[A-Z2-7]{5}={3}|[A-Z2-7]{7}=)?$/)) {
+            navigator.notification.alert("Secret key is not valid base32.", null, "Error", 'Dismiss');
+	    return;
+        }
 	if (label == "") {
 	    navigator.notification.alert("Missing label.", null, "Error", 'Dismiss');
 	    return;
@@ -112,6 +118,14 @@
 				    return;
 				}
 			    }
+			    try {
+                                secret = decodeURIComponent(secret);
+				issuer = decodeURIComponent(issuer);
+				label = decodeURIComponent(label);
+			    } catch (e) {
+				navigator.notification.alert("Could not decode OTP URI.", null, "Error", 'Dismiss');
+				return;
+			    }
 			    addOTP(secret, label, issuer);
 			}
 		    },