From c666b20287d4aedd929899b6bb4f0c7065ea3d58 Mon Sep 17 00:00:00 2001
From: za-creature <za_creature@yahoo.com>
Date: Thu, 11 Apr 2013 19:57:03 +0300
Subject: [PATCH] Update connection-parameters.js
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

The current connection url handling fails when the password contains
encoded special characters: After the encodeURI, the special
characters from the password are double encoded, and the password is
rejected by postgres.

Proposed fix handles one level of double encoding, and while it
might break compatibility with passwords like "asdfg%77fgh" (which
would've been escaped to asdfg%2577fgh before this patch), I
strongly feel that maintaining backwards compatibility is in this
case less important than following standards and discouraging bad
coding practices.
---
 lib/connection-parameters.js | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/lib/connection-parameters.js b/lib/connection-parameters.js
index d6351701..c75515ab 100644
--- a/lib/connection-parameters.js
+++ b/lib/connection-parameters.js
@@ -17,7 +17,8 @@ var parse = function(str) {
     return { host: str };
   }
   // url parse expects spaces encoded as %20
-  str = encodeURI(str);
+  // however, we don't want to double-encode
+  str = encodeURI(str).replace(/\%25/g, "%");
   var result = url.parse(str);
   var config = {};
   config.host = result.hostname;