Fix bug with percentage redirects, close #1650

Simon Willison 2022-03-07 11:26:08 -08:00
commit c85d669de3
2 changed files with 10 additions and 1 deletions


@ -10,6 +10,7 @@ import markupsafe
import mergedeep import mergedeep
import os import os
import re import re
import secrets
import shlex import shlex
import tempfile import tempfile
import typing import typing
@ -1172,4 +1173,8 @@ def dash_encode(s: str) -> str:
@documented @documented
def dash_decode(s: str) -> str: def dash_decode(s: str) -> str:
"Decodes a dash-encoded string, so ``-2Ffoo-2Fbar`` -> ``/foo/bar``" "Decodes a dash-encoded string, so ``-2Ffoo-2Fbar`` -> ``/foo/bar``"
return urllib.parse.unquote(s.replace("-", "%")) # Avoid accidentally decoding a %2f style sequence
temp = secrets.token_hex(16)
s = s.replace("%", temp)
decoded = urllib.parse.unquote(s.replace("-", "%"))
return decoded.replace(temp, "%")
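Review bot: In `dash_decode`, the random placeholder breaks when the input has a `-` directly before a `%` (or with a single hex digit between them). After `s.replace("-", "%")` the string contains `%` followed by the hex token, so `unquote` consumes the token's leading hex digits as an escape and the final `decoded.replace(temp, "%")` no longer matches; the output then carries leftover random hex and differs on every call. This function appears to run on request paths, so a deterministic escape is preferable: `return urllib.parse.unquote(s.replace("%", "%25").replace("-", "%"))` keeps literal percent signs intact without `secrets`, which also makes the new import unnecessary. A unit test with an input such as `"-%2F"` would pin this edge case.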


@ -961,6 +961,10 @@ def test_no_alternate_url_json(app_client, path):
"/fivethirtyeight/twitter-ratio%2Fsenators", "/fivethirtyeight/twitter-ratio%2Fsenators",
"/fivethirtyeight/twitter-2Dratio-2Fsenators", "/fivethirtyeight/twitter-2Dratio-2Fsenators",
), ),
(
"/fixtures/table%2Fwith%2Fslashes",
"/fixtures/table-2Fwith-2Fslashes",
),
# query string should be preserved # query string should be preserved
("/foo/bar%2Fbaz?id=5", "/foo/bar-2Fbaz?id=5"), ("/foo/bar%2Fbaz?id=5", "/foo/bar-2Fbaz?id=5"),
), ),