diff --git a/rest_framework/templatetags/rest_framework.py b/rest_framework/templatetags/rest_framework.py
index f1825a24b..9b1f32197 100644
--- a/rest_framework/templatetags/rest_framework.py
+++ b/rest_framework/templatetags/rest_framework.py
@@ -198,7 +198,7 @@ def urlize_quoted_links(text, trim_url_limit=None, nofollow=True, autoescape=Tru
trimmed = trim_url(middle)
if autoescape and not safe_input:
lead, trail = escape(lead), escape(trail)
- url, trimmed = escape(url), escape(trimmed)
+ trimmed = escape(trimmed)
middle = '%s' % (url, nofollow_attr, trimmed)
words[i] = mark_safe('%s%s%s' % (lead, middle, trail))
else:
diff --git a/tests/test_renderers.py b/tests/test_renderers.py
index a8fd5f460..41072deac 100644
--- a/tests/test_renderers.py
+++ b/tests/test_renderers.py
@@ -101,6 +101,14 @@ class HTMLView1(APIView):
def get(self, request, **kwargs):
return Response('text')
+
+class HTMLView2(APIView):
+ renderer_classes = (BrowsableAPIRenderer, JSONRenderer)
+
+ def get(self, request, **kwargs):
+ return Response({'url': 'http://domain.com/?param=Yes+%26+No'})
+
+
urlpatterns = patterns(
'',
url(r'^.*\.(?P.+)$', MockView.as_view(renderer_classes=[RendererA, RendererB])),
@@ -111,6 +119,7 @@ urlpatterns = patterns(
url(r'^parseerror$', MockPOSTView.as_view(renderer_classes=[JSONRenderer, BrowsableAPIRenderer])),
url(r'^html$', HTMLView.as_view()),
url(r'^html1$', HTMLView1.as_view()),
+ url(r'^html2$', HTMLView2.as_view()),
url(r'^empty$', EmptyGETView.as_view()),
url(r'^api', include('rest_framework.urls', namespace='rest_framework'))
)
@@ -269,6 +278,16 @@ class RendererEndToEndTests(TestCase):
self.assertContains(resp, '>application/json<')
self.assertNotContains(resp, '>text/html; charset=utf-8<')
+ def test_browsable_api_urls(self):
+ """
+ Issue #1649
+
+ Test that URLs have properly escaped GET parameters.
+ """
+ resp = self.client.get('/html2')
+ # GET parameter should be escaped as Yes+%26+No, not Yes+&+No
+ self.assertEqual(resp.rendered_content.find('Yes+&+No'), -1)
+
_flat_repr = '{"foo":["bar","baz"]}'
_indented_repr = '{\n "foo": [\n "bar",\n "baz"\n ]\n}'