Code

Ticket #9469: wsgi_fullpath.diff

File wsgi_fullpath.diff, 1.1 KB (added by magneto, 5 years ago)

encode QUERY_STRING

Line 
1Index: django/core/handlers/wsgi.py
2===================================================================
3--- django/core/handlers/wsgi.py        (revision 9294)
4+++ django/core/handlers/wsgi.py        (working copy)
5@@ -10,7 +10,7 @@
6 from django.core.handlers import base
7 from django.core.urlresolvers import set_script_prefix
8 from django.utils import datastructures
9-from django.utils.encoding import force_unicode
10+from django.utils.encoding import force_unicode, iri_to_uri
11 
12 # See http://www.w3.org/Protocols/rfc2616/rfc2616-sec10.html
13 STATUS_CODE_TEXT = {
14@@ -120,7 +120,9 @@
15             (get, post, cookies, meta)
16 
17     def get_full_path(self):
18-        return '%s%s' % (self.path, self.environ.get('QUERY_STRING', '') and ('?' + self.environ.get('QUERY_STRING', '')) or '')
19+       # RFC 3986 requires self._req.args to be in the ASCII range, but this
20+       # doesn't always happen, so rather than crash, we defensively encode it.
21+       return '%s%s' % (self.path, self.environ.get('QUERY_STRING', '') and ('?' + iri_to_uri(self.environ.get('QUERY_STRING', ''))) or '')
22 
23     def is_secure(self):
24         return 'wsgi.url_scheme' in self.environ \