Opened 16 years ago
Closed 16 years ago
#6301 closed (fixed)
HttpResponseRedirect should not be escaping the '*' character
| Reported by: | samidh | Owned by: | nobody |
|---|---|---|---|
| Component: | HTTP handling | Version: | dev |
| Severity: | Keywords: | HttpResponseRedirect | |
| Cc: | Triage Stage: | Ready for checkin | |
| Has patch: | yes | Needs documentation: | no |
| Needs tests: | no | Patch needs improvement: | no |
| Easy pickings: | no | UI/UX: | no |
Description
Hello,
It appears the HttpResponseRedirect class is encoding the '*' character within a URL.
I believe this is a violation of RFC 3986.
Solution: The '*' character should be added to the safe-list so that it is not encoded.
Thanks for your time!
Attachments (1)
Change History (3)
by , 16 years ago
| Attachment: | encoding.diff added |
|---|
comment:1 by , 16 years ago
| Has patch: | set |
|---|---|
| Triage Stage: | Unreviewed → Ready for checkin |
comment:2 by , 16 years ago
| Resolution: | → fixed |
|---|---|
| Status: | new → closed |
Note:
See TracTickets
for help on using tickets.
Yep, according to that RFC, the * should be kept:
reserved = gen-delims / sub-delims gen-delims = ":" / "/" / "?" / "#" / "[" / "]" / "@" sub-delims = "!" / "$" / "&" / "'" / "(" / ")" / "*" / "+" / "," / ";" / "="