diff --git a/src/TestSuite/IntegrationTestCase.php b/src/TestSuite/IntegrationTestCase.php
index 7d230afa6dd..519bbf3679f 100644
--- a/src/TestSuite/IntegrationTestCase.php
+++ b/src/TestSuite/IntegrationTestCase.php
@@ -547,11 +547,12 @@ protected function _buildRequest($url, $method, $data)
         list ($url, $query) = $this->_url($url);
         $tokenUrl = $url;
 
+        parse_str($query, $queryData);
+
         if ($query) {
-            $tokenUrl .= '?' . $query;
+            $tokenUrl .= '?' . http_build_query($queryData);
         }
 
-        parse_str($query, $queryData);
         $props = [
             'url' => $url,
             'post' => $this->_addTokens($tokenUrl, $data),
diff --git a/tests/TestCase/TestSuite/IntegrationTestCaseTest.php b/tests/TestCase/TestSuite/IntegrationTestCaseTest.php
index b1fb558925f..10396aa4046 100644
--- a/tests/TestCase/TestSuite/IntegrationTestCaseTest.php
+++ b/tests/TestCase/TestSuite/IntegrationTestCaseTest.php
@@ -534,6 +534,24 @@ public function testPostSecuredFormWithQuery()
         $this->assertResponseContains('Request was accepted');
     }
 
+    /**
+     * Test posting to a secured form action with a query that has a part that
+     * will be encoded by the security component
+     *
+     * @return void
+     */
+    public function testPostSecuredFormWithUnencodedQuery()
+    {
+        $this->enableSecurityToken();
+        $data = [
+            'title' => 'Some title',
+            'body' => 'Some text'
+        ];
+        $this->post('/posts/securePost?foo=/', $data);
+        $this->assertResponseOk();
+        $this->assertResponseContains('Request was accepted');
+    }
+
     /**
      * Test posting to a secured form action action.
      *