Escaping just the querystring part of a url in Rails

Question

In a Rails 3.0.11 app, I am using the normal helper methods to generate the urls for some links (eg:

home_url() # for the home page
search_url() # for the search page

etc. )

I am passing in a bunch of parameters that will be used to create a querystring that is then appended to the url. eg

search_url(:text => '123')  # => http://mysite.com/search?text=123

Some of these params get a bit more complicated and there are some nested hashes eg

search_url(:text => '123', :categories => {:category_1 => 1, :category_2 => 2}) # => http://mysite.com/search?text=123&categories[category_1]=1&categories[category_2]=2

The problem I have is how to escape this properly so that it validates (against the W3C HTML validator), particularly with regard to the square brackets. If I use h(), the ampersands are escaped but it still fails validation on the square brackets. I can use CGI.escape on the whole string but that will also encode everything before the querystring, including the :// at the start of the address, meaning that the browser will treat it as a relative url when it should be absolute (it needs to be I'm afraid).

I know I could just hack the string up, encode the bits I need and put it back together but it seems like there must be a better way. Anyone know of one?

Cheers

Adam

Answer 1

This is fixed in rails 3.2. Under the hood it's the method Hash#to_query that does the job.

3.0

{ :x => { :y => '[]' } }.to_query
=> "x[y]=%5B%5D"

3.2

{ :x => { :y => '[]' } }.to_query
 => "x%5By%5D=%5B%5D"

Perhaps dig into the source to see what the changes are and backport them into your app