Please sign in to comment.
Make URL escaping more consistent
1. Escape '%' characters in URLs - only unescaped data should be passed to URL helpers 2. Add an `escape_segment` helper to `Router::Utils` that escapes '/' characters 3. Use `escape_segment` rather than `escape_fragment` in optimized URL generation 4. Use `escape_segment` rather than `escape_path` in URL generation For point 4 there are two exceptions. Firstly, when a route uses wildcard segments (e.g. *foo) then we use `escape_path` as the value may contain '/' characters. This means that wildcard routes can't be optimized. Secondly, if a `:controller` segment is used in the path then this uses `escape_path` as the controller may be namespaced. Fixes #14629, #14636 and #14070.
- Loading branch information...
Showing with 89 additions and 10 deletions.
- +16 −0 actionpack/CHANGELOG.md
- +4 −0 actionpack/lib/action_dispatch/journey/route.rb
- +9 −0 actionpack/lib/action_dispatch/journey/router/utils.rb
- +17 −4 actionpack/lib/action_dispatch/journey/visitors.rb
- +2 −2 actionpack/lib/action_dispatch/routing/route_set.rb
- +25 −3 actionpack/test/dispatch/routing_test.rb
- +4 −0 actionpack/test/journey/router/utils_test.rb
- +12 −1 actionpack/test/journey/router_test.rb