Skip to content
This repository

HTTPS clone URL

Subversion checkout URL

You can clone with HTTPS or Subversion.

Download ZIP
Browse code

[1.2.X] Fixed #13765 - 'safe' parameter for urlencode filter

Thanks to KyleMac for the suggestion and SmileyChris for the patch

Backport of [13849] from trunk

git-svn-id: http://code.djangoproject.com/svn/django/branches/releases/1.2.X@13850 bcc190cf-cafb-0310-a4f2-bffc1f526a37
  • Loading branch information...
commit 759625cd90f36976b1bc98c1dd9de0e8fe309bee 1 parent b176bd4
Luke Plant authored September 13, 2010
16  django/template/defaultfilters.py
@@ -291,10 +291,20 @@ def upper(value):
291 291
 upper.is_safe = False
292 292
 upper = stringfilter(upper)
293 293
 
294  
-def urlencode(value):
295  
-    """Escapes a value for use in a URL."""
  294
+def urlencode(value, safe=None):
  295
+    """
  296
+    Escapes a value for use in a URL.
  297
+
  298
+    Takes an optional ``safe`` parameter used to determine the characters which
  299
+    should not be escaped by Django's ``urlquote`` method. If not provided, the
  300
+    default safe characters will be used (but an empty string can be provided
  301
+    when *all* characters should be escaped).
  302
+    """
296 303
     from django.utils.http import urlquote
297  
-    return urlquote(value)
  304
+    kwargs = {}
  305
+    if safe is not None:
  306
+        kwargs['safe'] = safe
  307
+    return urlquote(value, **kwargs)
298 308
 urlencode.is_safe = False
299 309
 urlencode = stringfilter(urlencode)
300 310
 
4  django/utils/http.py
@@ -14,7 +14,7 @@ def urlquote(url, safe='/'):
14 14
     can safely be used as part of an argument to a subsequent iri_to_uri() call
15 15
     without double-quoting occurring.
16 16
     """
17  
-    return force_unicode(urllib.quote(smart_str(url), safe))
  17
+    return force_unicode(urllib.quote(smart_str(url), smart_str(safe)))
18 18
 
19 19
 urlquote = allow_lazy(urlquote, unicode)
20 20
 
@@ -25,7 +25,7 @@ def urlquote_plus(url, safe=''):
25 25
     returned string can safely be used as part of an argument to a subsequent
26 26
     iri_to_uri() call without double-quoting occurring.
27 27
     """
28  
-    return force_unicode(urllib.quote_plus(smart_str(url), safe))
  28
+    return force_unicode(urllib.quote_plus(smart_str(url), smart_str(safe)))
29 29
 urlquote_plus = allow_lazy(urlquote_plus, unicode)
30 30
 
31 31
 def urlencode(query, doseq=0):
13  docs/ref/templates/builtins.txt
@@ -1967,6 +1967,19 @@ For example::
1967 1967
 If ``value`` is ``"http://www.example.org/foo?a=b&c=d"``, the output will be
1968 1968
 ``"http%3A//www.example.org/foo%3Fa%3Db%26c%3Dd"``.
1969 1969
 
  1970
+.. versionadded:: 1.1
  1971
+
  1972
+An optional argument containing the characters which should not be escaped can
  1973
+be provided.
  1974
+
  1975
+If not provided, the '/' character is assumed safe. An empty string can be
  1976
+provided when *all* characters should be escaped. For example::
  1977
+
  1978
+    {{ value|urlencode:"" }}
  1979
+
  1980
+If ``value`` is ``"http://www.example.org/"``, the output will be
  1981
+``"http%3A%2F%2Fwww.example.org%2F"``.
  1982
+
1970 1983
 .. templatefilter:: urlize
1971 1984
 
1972 1985
 urlize
4  tests/regressiontests/templates/filters.py
@@ -265,6 +265,10 @@ def get_filter_tests():
265 265
         'filter-iriencode03': ('{{ url|iriencode }}', {'url': mark_safe('?test=1&me=2')}, '?test=1&me=2'),
266 266
         'filter-iriencode04': ('{% autoescape off %}{{ url|iriencode }}{% endautoescape %}', {'url': mark_safe('?test=1&me=2')}, '?test=1&me=2'),
267 267
 
  268
+        # urlencode
  269
+        'filter-urlencode01': ('{{ url|urlencode }}', {'url': '/test&"/me?/'}, '/test%26%22/me%3F/'),
  270
+        'filter-urlencode02': ('/test/{{ urlbit|urlencode:"" }}/', {'urlbit': 'escape/slash'}, '/test/escape%2Fslash/'),
  271
+
268 272
         # Chaining a bunch of safeness-preserving filters should not alter
269 273
         # the safe status either way.
270 274
         'chaining01': ('{{ a|capfirst|center:"7" }}.{{ b|capfirst|center:"7" }}', {"a": "a < b", "b": mark_safe("a < b")}, " A &lt; b . A < b "),

0 notes on commit 759625c

Please sign in to comment.
Something went wrong with that request. Please try again.