diff options
| author | Ryan Hiebert <ryan@ryanhiebert.com> | 2014-08-24 16:55:42 -0500 |
|---|---|---|
| committer | Ryan Hiebert <ryan@ryanhiebert.com> | 2014-08-24 16:55:42 -0500 |
| commit | e833e0cb5fa8bd789db8ef60e8cea199af9ea0e7 (patch) | |
| tree | 97ac643656bd513af6f2b855a9a56abb5f2fd382 | |
| parent | a0e6349e641407f1e2dd701d69ee91c3beb5587d (diff) | |
| download | oauthlib-e833e0cb5fa8bd789db8ef60e8cea199af9ea0e7.tar.gz | |
Allow unescaped @ in urlencoded parameters
At least Internet Explorer does not url encode the @ symbol, such as
when in an email address, in it's form uploading from HTML. Since the @
symbol doesn't have any special meaning in the querystring of a URL, not
encoding it shouldn't present any problems. Thus, we should add @ to the
list of allowed characters in form urlencoded data.
| -rw-r--r-- | oauthlib/common.py | 2 | ||||
| -rw-r--r-- | tests/test_common.py | 1 |
2 files changed, 2 insertions, 1 deletions
diff --git a/oauthlib/common.py b/oauthlib/common.py index 5ab647c..2ffdea9 100644 --- a/oauthlib/common.py +++ b/oauthlib/common.py @@ -119,7 +119,7 @@ def decode_params_utf8(params): return decoded -urlencoded = set(always_safe) | set('=&;%+~,*') +urlencoded = set(always_safe) | set('=&;%+~,*@') def urldecode(query): diff --git a/tests/test_common.py b/tests/test_common.py index 7b904b2..508c5ac 100644 --- a/tests/test_common.py +++ b/tests/test_common.py @@ -41,6 +41,7 @@ class EncodingTest(TestCase): [('foo_ ~', '.bar-')]) self.assertItemsEqual(urldecode('foo=1,2,3'), [('foo', '1,2,3')]) self.assertItemsEqual(urldecode('foo=bar.*'), [('foo', 'bar.*')]) + self.assertItemsEqual(urldecode('foo=bar@spam'), [('foo', 'bar@spam')]) self.assertRaises(ValueError, urldecode, 'foo bar') self.assertRaises(ValueError, urldecode, '?') self.assertRaises(ValueError, urldecode, '%R') |