-
-
Notifications
You must be signed in to change notification settings - Fork 318
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
'+'es are stripped from passwords #194
Comments
It's documented in the README and has been that way since 2016. The maintainer is generally open to PRs if you can account for unsafe characters and provide test cases. https://github.com/joke2k/django-environ#using-unsafe-characters-in-urls |
Actually according to that link, '+' is a safe character and does not need to be encoded, so the library is not functioning as per the documentation. |
We just run into the same problem 😬. For the moment we'll need to change our passwords to not contain any |
@ajhodges Please take a look at this answer #288 (comment) |
I'm using django-environ to read passwords that are generated by AWS (i.e. the SES SMTP credentials, which use an AWS Secret as the password). These passwords can have '+' symbols in them, which are stripped by
_cast_urlstr()
/unquote_plus()
.I think for now my temporary fix is to urlencode the passwords, but I feel like I shouldn't have to do that.
The text was updated successfully, but these errors were encountered: