Fixed #22223 -- Prevented over-escaping URLs in reverse()

And follow more closely the class of characters defined in the RFC 3986. Thanks Erik van Zijst for the report and the initial patch, and Tim Graham for the review.
author: Claude Paroz <claude@2xlibre.net> 2014-06-26 16:55:36 +0200
committer: Claude Paroz <claude@2xlibre.net> 2014-07-09 09:54:34 +0200
commit: e167e96cfea670422ca75d0b35fe7c4195f25b63 (patch)
tree: 5d4e868390c8afefd43026b0710d72f7c1785c82 /django/utils/html.py
parent: 8780849da06f866720284d2c61d0aae5890e92ae (diff)
1 files changed, 2 insertions, 1 deletions
diff --git a/django/utils/html.py b/django/utils/html.py
index 38fe90d1a9..d5fe2f4a6b 100644
--- a/django/utils/html.py
+++ b/django/utils/html.py
@@ -7,6 +7,7 @@ import sys
 
 from django.utils.encoding import force_text, force_str
 from django.utils.functional import allow_lazy
+from django.utils.http import RFC3986_GENDELIMS, RFC3986_SUBDELIMS
 from django.utils.safestring import SafeData, mark_safe
 from django.utils import six
 from django.utils.six.moves.urllib.parse import quote, unquote, urlsplit, urlunsplit
@@ -215,7 +216,7 @@ def smart_urlquote(url):
 
     url = unquote(force_str(url))
     # See http://bugs.python.org/issue2637
-    url = quote(url, safe=b'!*\'();:@&=+$,/?#[]~')
+    url = quote(url, safe=RFC3986_SUBDELIMS + RFC3986_GENDELIMS + str('~'))
 
     return force_text(url)
author	Claude Paroz <claude@2xlibre.net>	2014-06-26 16:55:36 +0200
committer	Claude Paroz <claude@2xlibre.net>	2014-07-09 09:54:34 +0200
commit	e167e96cfea670422ca75d0b35fe7c4195f25b63 (patch)
tree	5d4e868390c8afefd43026b0710d72f7c1785c82 /django/utils/html.py
parent	8780849da06f866720284d2c61d0aae5890e92ae (diff)