Merge pull request #1336 from em-/fix/quote-everything

fix: handle tags like debian/2%2.6-21 as identifiers

2 files changed, 11 insertions, 3 deletions

diff --git a/gitlab/tests/test_utils.py b/gitlab/tests/test_utils.py
index 50aaecf..5a8148c 100644
--- a/gitlab/tests/test_utils.py
+++ b/gitlab/tests/test_utils.py
@@ -27,6 +27,10 @@ def test_clean_str_id():
     dest = "foo%23bar%2Fbaz%2F"
     assert dest == utils.clean_str_id(src)
 
+    src = "foo%bar/baz/"
+    dest = "foo%25bar%2Fbaz%2F"
+    assert dest == utils.clean_str_id(src)
+
 
 def test_sanitized_url():
     src = "http://localhost/foo/bar"
@@ -48,6 +52,10 @@ def test_sanitize_parameters_slash():
     assert "foo%2Fbar" == utils.sanitize_parameters("foo/bar")
 
 
+def test_sanitize_parameters_slash_and_percent():
+    assert "foo%2Fbar%25quuz" == utils.sanitize_parameters("foo/bar%quuz")
+
+
 def test_sanitize_parameters_dict():
     source = {"url": "foo/bar", "id": 1}
     expected = {"url": "foo%2Fbar", "id": 1}
diff --git a/gitlab/utils.py b/gitlab/utils.py
index 987f1d3..45a4af8 100644
--- a/gitlab/utils.py
+++ b/gitlab/utils.py
@@ -16,7 +16,7 @@
 # along with this program.  If not, see <http://www.gnu.org/licenses/>.
 
 from typing import Any, Callable, Dict, Optional
-from urllib.parse import urlparse
+from urllib.parse import quote, urlparse
 
 import requests
 
@@ -57,14 +57,14 @@ def copy_dict(dest: Dict[str, Any], src: Dict[str, Any]) -> None:
 
 
 def clean_str_id(id: str) -> str:
-    return id.replace("/", "%2F").replace("#", "%23")
+    return quote(id, safe="")
 
 
 def sanitize_parameters(value):
     if isinstance(value, dict):
         return dict((k, sanitize_parameters(v)) for k, v in value.items())
     if isinstance(value, str):
-        return value.replace("/", "%2F")
+        return quote(value, safe="")
     return value