Fixes #10353: Table action buttons should reserve return URL parameters

2025-07-20 02:06:42 -06:00 · 2022-09-15 13:40:39 -04:00 · 2022-09-15 13:40:39 -04:00 · 91fd25a548
commit 91fd25a548
parent e05696dfcc
2 changed files with 3 additions and 1 deletions
--- a/docs/release-notes/version-3.3.md
+++ b/docs/release-notes/version-3.3.md
@ -24,6 +24,7 @@
 * [#10307](https://github.com/netbox-community/netbox/issues/10307) - Correct value for "Passive 48V (4-pair)" PoE type selection
 * [#10333](https://github.com/netbox-community/netbox/issues/10333) - Show available values for `ui_visibility` field of CustomField for CSV import
 * [#10337](https://github.com/netbox-community/netbox/issues/10337) - Display SSO links when local authentication fails
 * [#10353](https://github.com/netbox-community/netbox/issues/10353) - Table action buttons should reserve return URL parameters
 * [#10362](https://github.com/netbox-community/netbox/issues/10362) - Correct display of custom fields when editing an L2VPN termination
 ---
--- a/netbox/netbox/tables/columns.py
+++ b/netbox/netbox/tables/columns.py
@ -7,6 +7,7 @@ from django.contrib.auth.models import AnonymousUser
 from django.db.models import DateField, DateTimeField
 from django.template import Context, Template
 from django.urls import reverse
 from django.utils.encoding import escape_uri_path
 from django.utils.html import escape
 from django.utils.formats import date_format
 from django.utils.safestring import mark_safe
@ -210,7 +211,7 @@ class ActionsColumn(tables.Column):
        model = table.Meta.model
        request = getattr(table, 'context', {}).get('request')
-        url_appendix = f'?return_url={request.path}' if request else ''
+        url_appendix = f'?return_url={escape_uri_path(request.get_full_path())}' if request else ''
        html = ''
        # Compile actions menu