Opened 18 years ago

Closed 18 years ago

#2978 closed defect (invalid)

QueryDict.urlencode() doesnt quote &

Reported by: Joakim Sernbrant <serbaut@…> Owned by: Adrian Holovaty
Component: Core (Other) Version: dev
Severity: normal Keywords: urlencode
Cc: Triage Stage: Design decision needed
Has patch: no Needs documentation: no
Needs tests: no Patch needs improvement: no
Easy pickings: no UI/UX: no

Description

QueryDict.urlencode should return

        return '&amp;'.join(output)

instead of

        return '&'.join(output)

From the tidy doc:

All special characters in HREF should be encoded. "&" is a reserved character to begin an entity. (ex: &nsbp).
"&" in HREF field should be encoded as his equivalent entity "&amp;", even when used as a separator for
parameters in the URL. Before to make you an opinion about this, please read carefully
[http://ppewww.ph.gla.ac.uk/%7Eflavell/www/formgetbyurl.html]page.

Change History (2)

comment:1 by Chris Beaven, 18 years ago

Triage Stage: UnreviewedDesign decision needed

Sure seems like it'd help Django be that bit more perfectionist.

I hesitate to mark ready without some more thoughts about possible side-effects of this change.

comment:2 by Jacob, 18 years ago

Resolution: invalid
Status: newclosed

No, this is incorrect. An "&" in a URL is perfectly valid (go do a Google search and look at the URL); it's only in HTML that they need to be entity encoded (and you've got the escape filter for that purpose).

Note: See TracTickets for help on using tickets.
Back to Top