0
@@ -299,7 +299,7 @@
0
     def url_for(page)
0
       page_one = page == 1
0
       unless @url_string and !page_one
0
-        @url_params = { :escape => false }
0
+        @url_params = {}
0
         # page links should preserve GET parameters
0
         stringified_merge @url_params, @template.params if @template.request.get?
0
         stringified_merge @url_params, @options[:params] if @options[:params]
0
@@ -317,7 +317,7 @@
0
         return url if page_one
0
         
0
         if complex
0
-          @url_string = url.sub(%r!([?&]#{CGI.escape param_name}=)#{page}!, '\1@')
0
+          @url_string = url.sub(%r!((?:\?|&)#{CGI.escape param_name}=)#{page}!, '\1@')
0
           return url
0
         else
0
           @url_string = url

0
@@ -95,6 +95,16 @@
0
     assert_dom_equal expected, @html_result
0
   end
0
 
0
+  def test_escaping_of_urls
0
+    paginate({:page => 1, :per_page => 1, :total_entries => 2},
0
+             :page_links => false, :params => { :tag => '<br>' })
0
+    
0
+    assert_select 'a[href]', 1 do |links|
0
+      query = links.first['href'].split('?', 2)[1]
0
+      assert_equal %w(page=2 tag=%3Cbr%3E), query.split('&amp;').sort
0
+    end
0
+  end
0
+
0
   ## advanced options for pagination ##
0
 
0
   def test_will_paginate_without_container