Opened 9 years ago
Last modified 7 years ago
#28123 closed Bug
django.utils.html.smart_urlquote() is incorrectly parsing the query string — at Version 1
| Reported by: | Denis Pechenev | Owned by: | nobody |
|---|---|---|---|
| Component: | Utilities | Version: | 1.10 |
| Severity: | Normal | Keywords: | smart_urlquote python2 |
| Cc: | Triage Stage: | Accepted | |
| Has patch: | no | Needs documentation: | no |
| Needs tests: | no | Patch needs improvement: | no |
| Easy pickings: | no | UI/UX: | no |
Description (last modified by )
Query string like 'search_text=%D0%B4%D0%B6%D0%B8%D0%BD%D1%81%D0%BE%D0%B2%D1%8B%D0%B5+%D0%BA%D1%83%D1%80%D1%82%D0%BA%D0%B8' is already encoded. But smart_urlquote() encodes it again because of incorrect parsing in parse_qsl(). Value should be encoded with ASCII before parsing.
So there should be something like:
query_parts = [(unquote(force_str(q[0])), unquote(force_str(q[1])))
for q in parse_qsl(query.encode('ascii'), keep_blank_values=True)]
https://github.com/django/django/blob/master/django/utils/html.py#L216
Note:
See TracTickets
for help on using tickets.