Escape slashes in query strings. This fixes #445

commit: 46acbf02ed9ab58c7a92553c95790e75bdc3c930 [log] [tgz]
author: Armin Ronacher <armin.ronacher@active-4.com> Mon May 25 13:40:47 2015 +0200
committer: Armin Ronacher <armin.ronacher@active-4.com> Mon May 25 13:40:47 2015 +0200
tree: 44c4e37ee8dd7439ff2bfc9b5aeed8bc9f12ba71
parent: 0bfb60f831352982ed484a669d28614af6db77a2 [diff] [blame]
diff --git a/jinja2/utils.py b/jinja2/utils.py
index e12255f..cdd4cd3 100644
--- a/jinja2/utils.py
+++ b/jinja2/utils.py

@@ -283,7 +283,7 @@
     return Markup(u'\n'.join(u'<p>%s</p>' % escape(x) for x in result))
 
 
-def unicode_urlencode(obj, charset='utf-8'):
+def unicode_urlencode(obj, charset='utf-8', for_qs=False):
     """URL escapes a single bytestring or unicode string with the
     given charset if applicable to URL safe quoting under all rules
     that need to be considered under all supported Python versions.
@@ -295,7 +295,11 @@
         obj = text_type(obj)
     if isinstance(obj, text_type):
         obj = obj.encode(charset)
-    return text_type(url_quote(obj))
+    safe = for_qs and b'' or b'/'
+    rv = text_type(url_quote(obj, safe))
+    if for_qs:
+        rv = rv.replace('%20', '+')
+    return rv
 
 
 class LRUCache(object):
commit	46acbf02ed9ab58c7a92553c95790e75bdc3c930	[log] [tgz]
author	Armin Ronacher <armin.ronacher@active-4.com>	Mon May 25 13:40:47 2015 +0200
committer	Armin Ronacher <armin.ronacher@active-4.com>	Mon May 25 13:40:47 2015 +0200
tree	44c4e37ee8dd7439ff2bfc9b5aeed8bc9f12ba71
parent	0bfb60f831352982ed484a669d28614af6db77a2 [diff] [blame]