1
1
mirror of https://github.com/encode/django-rest-framework.git synced 2025-07-23 06:29:58 +03:00

Proper escaping of URLs when replacing query parameter

This commit is contained in:
Tom Christie 2014-11-03 11:06:45 +00:00
parent 1ef4e6b7a8
commit 56d054e634

View File

@ -23,7 +23,7 @@ def replace_query_param(url, key, val):
query_dict = QueryDict(query).copy()
query_dict[key] = val
query = query_dict.urlencode()
return urlparse.urlunsplit((scheme, netloc, path, query, fragment))
return escape(urlparse.urlunsplit((scheme, netloc, path, query, fragment)))
# Regex for adding classes to html snippets