From 91fd25a5486bdc72e2550b9955065311e77dfef7 Mon Sep 17 00:00:00 2001
From: jeremystretch <jstretch@ns1.com>
Date: Thu, 15 Sep 2022 13:40:39 -0400
Subject: [PATCH] Fixes #10353: Table action buttons should reserve return URL
 parameters

---
 docs/release-notes/version-3.3.md | 1 +
 netbox/netbox/tables/columns.py   | 3 ++-
 2 files changed, 3 insertions(+), 1 deletion(-)

diff --git a/docs/release-notes/version-3.3.md b/docs/release-notes/version-3.3.md
index 3f4272f95..47e2ac3fc 100644
--- a/docs/release-notes/version-3.3.md
+++ b/docs/release-notes/version-3.3.md
@@ -24,6 +24,7 @@
 * [#10307](https://github.com/netbox-community/netbox/issues/10307) - Correct value for "Passive 48V (4-pair)" PoE type selection
 * [#10333](https://github.com/netbox-community/netbox/issues/10333) - Show available values for `ui_visibility` field of CustomField for CSV import
 * [#10337](https://github.com/netbox-community/netbox/issues/10337) - Display SSO links when local authentication fails
+* [#10353](https://github.com/netbox-community/netbox/issues/10353) - Table action buttons should reserve return URL parameters
 * [#10362](https://github.com/netbox-community/netbox/issues/10362) - Correct display of custom fields when editing an L2VPN termination
 
 ---
diff --git a/netbox/netbox/tables/columns.py b/netbox/netbox/tables/columns.py
index 6ab50d4c2..c7545192a 100644
--- a/netbox/netbox/tables/columns.py
+++ b/netbox/netbox/tables/columns.py
@@ -7,6 +7,7 @@ from django.contrib.auth.models import AnonymousUser
 from django.db.models import DateField, DateTimeField
 from django.template import Context, Template
 from django.urls import reverse
+from django.utils.encoding import escape_uri_path
 from django.utils.html import escape
 from django.utils.formats import date_format
 from django.utils.safestring import mark_safe
@@ -210,7 +211,7 @@ class ActionsColumn(tables.Column):
 
         model = table.Meta.model
         request = getattr(table, 'context', {}).get('request')
-        url_appendix = f'?return_url={request.path}' if request else ''
+        url_appendix = f'?return_url={escape_uri_path(request.get_full_path())}' if request else ''
         html = ''
 
         # Compile actions menu