Ticket #9469: wsgi_fullpath.diff

File wsgi_fullpath.diff, 1.1 KB (added by magneto, 6 years ago)

encode QUERY_STRING

  • django/core/handlers/wsgi.py

     
    1010from django.core.handlers import base
    1111from django.core.urlresolvers import set_script_prefix
    1212from django.utils import datastructures
    13 from django.utils.encoding import force_unicode
     13from django.utils.encoding import force_unicode, iri_to_uri
    1414
    1515# See http://www.w3.org/Protocols/rfc2616/rfc2616-sec10.html
    1616STATUS_CODE_TEXT = {
     
    120120            (get, post, cookies, meta)
    121121
    122122    def get_full_path(self):
    123         return '%s%s' % (self.path, self.environ.get('QUERY_STRING', '') and ('?' + self.environ.get('QUERY_STRING', '')) or '')
     123       # RFC 3986 requires self._req.args to be in the ASCII range, but this
     124       # doesn't always happen, so rather than crash, we defensively encode it.
     125       return '%s%s' % (self.path, self.environ.get('QUERY_STRING', '') and ('?' + iri_to_uri(self.environ.get('QUERY_STRING', ''))) or '')
    124126
    125127    def is_secure(self):
    126128        return 'wsgi.url_scheme' in self.environ \
Back to Top