From 140ab27954208359e3a2e24da375f118f3e4bb52 Mon Sep 17 00:00:00 2001
From: Dennis
Date: Sun, 28 Aug 2011 19:51:04 +0200
Subject: [PATCH 1/3] unescape fallback for malformed uri components

instead of just ignoring wrong encoded uri components, we should at leas t unescape them with the default javascript unescape function, which doe sn't break on malformed encodings.
---
 lib/querystring.js | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/lib/querystring.js b/lib/querystring.js
index 4246e96..f770013 100644
--- a/lib/querystring.js
+++ b/lib/querystring.js
@@ -47,7 +47,7 @@ exports.parse = function(str){
 try{
 pair = decodeURIComponent(pair.replace(/\+/g, ' '));
 } catch(e) {
- // ignore
+ pair = unescape(pair.replace(/\+/g, ' '));
 }
 var eql = pair.indexOf('=')
From a3c396c773b5d9fca977594129f4bd974918706c Mon Sep 17 00:00:00 2001
From: Dennis
Date: Mon, 29 Aug 2011 18:35:27 +0200
Subject: [PATCH 2/3] test for unescape fallback of malformed uri components

---
 test/parse.test.js | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/test/parse.test.js b/test/parse.test.js
index 4e7d730..c226f7e 100644
--- a/test/parse.test.js
+++ b/test/parse.test.js
@@ -140,8 +140,9 @@ module.exports = {
 'test malformed uri': function(){
 qs.parse('{%:%}').should.eql({ '{%:%}': '' });
 qs.parse('foo=%:%}').should.eql({ 'foo': '%:%}' });
+ qs.parse('foo=%:%}%20').should.eql({ 'foo': '%:%} ' });
 }
-
+
 // 'test complex': function(){
 // qs.parse('users[][name][first]=tj&users[foo]=bar')
 // .should.eql({
From 26867be194d5a8f8f8ea7007526e1459238a4482 Mon Sep 17 00:00:00 2001
From: Dennis
Date: Mon, 29 Aug 2011 18:37:18 +0200
Subject: [PATCH 3/3] test for unescaping of non-utf8 encoded data

---
 test/parse.test.js | 4 ++++
 1 file changed, 4 insertions(+)

diff --git a/test/parse.test.js b/test/parse.test.js
index c226f7e..d724cc0 100644
--- a/test/parse.test.js
+++ b/test/parse.test.js
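Review bot: The `unescape()` fallback in the catch branch of lib/querystring.js follows different decoding rules than `decodeURIComponent`: each `%XX` becomes a single Latin-1 code unit and `%uXXXX` is also accepted. It runs on the whole pair, so one malformed escape changes how every other escape in that key and value is decoded. Validation that decodes strictly, or rejects malformed input, before this parser will therefore not see the same string the application receives. I would record that at the call site with a comment such as `// fallback: unescape() treats %XX as Latin-1 and also decodes %uXXXX, so output can differ from a strict UTF-8 decoder`. The enclosing function continues outside this hunk, so whether later code re-checks the decoded value is not visible here.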
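Review bot: The assertion added to 'test malformed uri' in test/parse.test.js only exercises `%20`, which both decoders turn into the same character, so it does not pin a case where the fallback changes the result. A pair that mixes a malformed escape with a valid multi-byte UTF-8 sequence would be decoded byte by byte on the fallback path. An extra assertion such as `qs.parse('foo=%:%C3%A4').should.eql({ 'foo': '%:\u00c3\u00a4' });` would document that for anyone relying on the parser's output. The expected value here is derived from how `unescape` behaves and should be confirmed by running the suite.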
@@ -141,6 +141,10 @@ module.exports = {
 qs.parse('{%:%}').should.eql({ '{%:%}': '' });
 qs.parse('foo=%:%}').should.eql({ 'foo': '%:%}' });
 qs.parse('foo=%:%}%20').should.eql({ 'foo': '%:%} ' });
+ },
+
+ 'test unescaping of non-utf8 encoded data': function(){
+ qs.parse('foo=%E4%20bar').should.eql({ 'foo': String.fromCharCode('228') + ' bar' });
 }
 // 'test complex': function(){
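Review bot: `String.fromCharCode('228')` in the new test passes a string and relies on implicit numeric coercion; `String.fromCharCode(228)` or the literal `'\u00e4'` states the expected character directly. The test name says "non-utf8", but what it pins is narrower: a lone `%E4` byte is decoded as Latin-1 through the fallback path. A short comment such as `// %E4 alone is not valid UTF-8, so this goes through the unescape() fallback` would make that dependency explicit for the next reader.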