iriencode doesn't respect safe strings
|Reported by:||Antonis Christofides <anthony@…>||Owned by:||nobody|
|Cc:||Triage Stage:||Ready for checkin|
|Has patch:||yes||Needs documentation:||no|
|Needs tests:||no||Patch needs improvement:||no|
This happens probably since autoescape. Steps to reproduce:
- In a model, use the following:
class Admin: list_filter = ['column_a', 'column_b']
and you'll have two filters shown in the admin.
- Choose something other than "All" in the first filter
- Hover the mouse over something other than "All" in the second filter and look at the url.
Result: It will have a "&" somewhere, when it should only have a "&". It doesn't work if you click it, of course.
See also #5976 for a related bug.
Change History (5)
comment:1 Changed 6 years ago by SmileyChris
- Needs documentation unset
- Needs tests unset
- Patch needs improvement unset
Changed 6 years ago by SmileyChris
comment:3 Changed 6 years ago by SmileyChris
- Component changed from Admin interface to Template system
- Has patch set
- Keywords auto-escaping added
- Summary changed from Admin escapes ampersands in URLs when joining filters to iriencode doesn't respect safe strings
- Triage Stage changed from Accepted to Ready for checkin