#5983: Admin escapes ampersands in URLs when joining filters
-----------------------------------------------------------+----------------
Reporter: Antonis Christofides <[EMAIL PROTECTED]> | Owner:
nobody
Status: new |
Component: Admin interface
Version: SVN |
Resolution:
Keywords: |
Stage: Unreviewed
Has_patch: 0 |
Needs_docs: 0
Needs_tests: 0 |
Needs_better_patch: 0
-----------------------------------------------------------+----------------
Changes (by SmileyChris):
* needs_better_patch: => 0
* needs_tests: => 0
* needs_docs: => 0
Comment:
I narrowed it down to `django/contrib/admin/templates/admin/filter.html` -
`choice.querystring` is `SafeData`, but `iriencode` doesn't respect that
and it gets re-escaped.
Solution seems to be marking the `iriencode` filter with `is_safe`, since
it doesn't introduce dangerous characters - so a safe string in means a
safe string out.
--
Ticket URL: <http://code.djangoproject.com/ticket/5983#comment:1>
Django Code <http://code.djangoproject.com/>
The web framework for perfectionists with deadlines
--~--~---------~--~----~------------~-------~--~----~
You received this message because you are subscribed to the Google Groups
"Django updates" group.
To post to this group, send email to [email protected]
To unsubscribe from this group, send email to [EMAIL PROTECTED]
For more options, visit this group at
http://groups.google.com/group/django-updates?hl=en
-~----------~----~----~----~------~----~------~--~---
