diff --git a/lib/capybara/driver/rack_test_driver.rb b/lib/capybara/driver/rack_test_driver.rb
index 5d52758d..66d4cf0a 100644
--- a/lib/capybara/driver/rack_test_driver.rb
+++ b/lib/capybara/driver/rack_test_driver.rb
@@ -1,5 +1,6 @@
require 'rack/test'
require 'nokogiri'
+require 'cgi'
class Capybara::Driver::RackTest
class Node < Capybara::Node
@@ -95,17 +96,21 @@ class Capybara::Driver::RackTest
params.compact!
params.push [button[:name], button[:value]] if button[:name]
if multipart?
- params.inject({}) { |agg, (key, value)| agg[key] = value; agg }
+ Hash[
+ params.map do |key, value|
+ [key, value.is_a?(String) ? CGI.escape(value.to_s) : value]
+ end
+ ]
else
- params.map { |key, value| "#{key}=#{value}" }.join('&')
+ params.map { |key, value| "#{key}=#{CGI.escape(value.to_s)}" }.join('&')
end
end
def submit(button)
if post?
- driver.submit(node['action'].to_s, params(button))
+ driver.submit(node['action'].to_s, params(button))
else
- driver.visit(node['action'].to_s.split('?').first + '?' + params(button))
+ driver.visit(node['action'].to_s.split('?').first + '?' + params(button))
end
end
diff --git a/spec/session_spec.rb b/spec/session_spec.rb
index 58fac77f..b38faa55 100644
--- a/spec/session_spec.rb
+++ b/spec/session_spec.rb
@@ -77,6 +77,10 @@ shared_examples_for "session" do
@results['first_name'].should == 'John'
end
+ it "should escape fields when submitting" do
+ @results['phone'].should == '+1 555 7021'
+ end
+
it "should serialize and submit password fields" do
@results['password'].should == 'seeekrit'
end
diff --git a/spec/views/form.erb b/spec/views/form.erb
index bb303904..2f84cd93 100644
--- a/spec/views/form.erb
+++ b/spec/views/form.erb
@@ -16,6 +16,11 @@
+
+
+
+
+