Tilde encoding (#1659)

Closes #1657 Refs #1439
2025-12-10 16:51:24 +01:00 · 2022-03-15 11:01:57 -07:00 · 2022-03-15 11:01:57 -07:00 · a35393b29c
commit a35393b29c
parent c10cd48baf
14 changed files with 125 additions and 141 deletions
--- a/datasette/views/table.py
+++ b/datasette/views/table.py
@ -12,7 +12,8 @@ from datasette.utils import (
    MultiParams,
    append_querystring,
    compound_keys_after_sql,
-    dash_encode,
+    tilde_decode,
+    tilde_encode,
    escape_sqlite,
    filters_should_redirect,
    is_url,
@ -143,7 +144,7 @@ class RowTableShared(DataView):
                            '<a href="{base_url}{database}/{table}/{flat_pks_quoted}">{flat_pks}</a>'.format(
                                base_url=base_url,
                                database=database,
-                                table=dash_encode(table),
+                                table=tilde_encode(table),
                                flat_pks=str(markupsafe.escape(pk_path)),
                                flat_pks_quoted=path_from_row_pks(row, pks, not pks),
                            )
@ -200,8 +201,8 @@ class RowTableShared(DataView):
                        link_template.format(
                            database=database,
                            base_url=base_url,
-                            table=dash_encode(other_table),
-                            link_id=dash_encode(str(value)),
+                            table=tilde_encode(other_table),
+                            link_id=tilde_encode(str(value)),
                            id=str(markupsafe.escape(value)),
                            label=str(markupsafe.escape(label)) or "-",
                        )
@ -346,6 +347,8 @@ class TableView(RowTableShared):
                write=bool(canned_query.get("write")),
            )

+        table = tilde_decode(table)
+
        db = self.ds.databases[database]
        is_view = bool(await db.get_view_definition(table))
        table_exists = bool(await db.table_exists(table))
@ -766,7 +769,7 @@ class TableView(RowTableShared):
                if prefix is None:
                    prefix = "$null"
                else:
-                    prefix = dash_encode(str(prefix))
+                    prefix = tilde_encode(str(prefix))
                next_value = f"{prefix},{next_value}"
                added_args = {"_next": next_value}
                if sort:
@ -938,6 +941,7 @@ class RowView(RowTableShared):
    name = "row"

    async def data(self, request, database, hash, table, pk_path, default_labels=False):
+        table = tilde_decode(table)
        await self.check_permissions(
            request,
            [