Index: includes/common.inc
===================================================================
RCS file: /cvs/drupal/drupal/includes/common.inc,v
retrieving revision 1.756.2.58
diff -u -p -r1.756.2.58 common.inc
--- includes/common.inc	1 Jul 2009 21:01:41 -0000	1.756.2.58
+++ includes/common.inc	12 Jul 2009 21:28:45 -0000
@@ -216,7 +216,7 @@ function drupal_query_string_encode($que
   $params = array();
 
   foreach ($query as $key => $value) {
-    $key = drupal_urlencode($key);
+    $key = rawurlencode($key);
     if ($parent) {
       $key = $parent .'['. $key .']';
     }
@@ -229,7 +229,7 @@ function drupal_query_string_encode($que
       $params[] = drupal_query_string_encode($value, $exclude, $key);
     }
     else {
-      $params[] = $key .'='. drupal_urlencode($value);
+      $params[] = $key .'='. rawurlencode($value);
     }
   }
 
@@ -1347,8 +1347,8 @@ function format_date($timestamp, $type =
  * @param $options
  *   An associative array of additional options, with the following keys:
  *   - 'query'
- *       A query string to append to the link, or an array of query key/value
- *       properties.
+ *       A URL-encoded query string to append to the link, or an array of query
+ *       key/value-pairs without any URL-encoding.
  *   - 'fragment'
  *       A fragment identifier (or named anchor) to append to the link.
  *       Do not include the '#' character.
@@ -2462,6 +2462,8 @@ function drupal_json($var = NULL) {
  *   characters are double escaped so PHP will still see the encoded version.
  * - With clean URLs, Apache changes '//' to '/', so every second slash is
  *   double escaped.
+ * - This function should only be used on paths, not on query string arguments,
+ *   otherwise unwanted double encoding will occur.
  *
  * @param $text
  *   String to encode
Index: misc/drupal.js
===================================================================
RCS file: /cvs/drupal/drupal/misc/drupal.js,v
retrieving revision 1.41.2.3
diff -u -p -r1.41.2.3 drupal.js
--- misc/drupal.js	25 Jun 2008 09:06:57 -0000	1.41.2.3
+++ misc/drupal.js	12 Jul 2009 21:28:45 -0000
@@ -218,8 +218,9 @@ Drupal.unfreezeHeight = function () {
 };
 
 /**
- * Wrapper to address the mod_rewrite url encoding bug
- * (equivalent of drupal_urlencode() in PHP).
+ * Wrapper around encodeURIComponent() which avoids Apache quirks (equivalent of
+ * drupal_urlencode() in PHP). This function should only be used on paths, not
+ * on query string arguments.
  */
 Drupal.encodeURIComponent = function (item, uri) {
   uri = uri || location.href;
Index: modules/comment/comment.module
===================================================================
RCS file: /cvs/drupal/drupal/modules/comment/comment.module,v
retrieving revision 1.617.2.8
diff -u -p -r1.617.2.8 comment.module
--- modules/comment/comment.module	1 Jul 2009 20:51:55 -0000	1.617.2.8
+++ modules/comment/comment.module	12 Jul 2009 21:28:45 -0000
@@ -1790,10 +1790,10 @@ function theme_comment_post_forbidden($n
       // We cannot use drupal_get_destination() because these links
       // sometimes appear on /node and taxonomy listing pages.
       if (variable_get('comment_form_location_'. $node->type, COMMENT_FORM_SEPARATE_PAGE) == COMMENT_FORM_SEPARATE_PAGE) {
-        $destination = 'destination='. drupal_urlencode("comment/reply/$node->nid#comment-form");
+        $destination = 'destination='. rawurlencode("comment/reply/$node->nid#comment-form");
       }
       else {
-        $destination = 'destination='. drupal_urlencode("node/$node->nid#comment-form");
+        $destination = 'destination='. rawurlencode("node/$node->nid#comment-form");
       }
 
       if (variable_get('user_register', 1)) {
Index: modules/system/system.js
===================================================================
RCS file: /cvs/drupal/drupal/modules/system/system.js,v
retrieving revision 1.14.2.1
diff -u -p -r1.14.2.1 system.js
--- modules/system/system.js	7 Feb 2008 18:23:30 -0000	1.14.2.1
+++ modules/system/system.js	12 Jul 2009 21:28:45 -0000
@@ -102,7 +102,7 @@ Drupal.behaviors.dateTime = function(con
   // Attach keyup handler to custom format inputs.
   $('input.custom-format:not(.date-time-processed)', context).addClass('date-time-processed').keyup(function() {
     var input = $(this);
-    var url = Drupal.settings.dateTime.lookup +(Drupal.settings.dateTime.lookup.match(/\?q=/) ? "&format=" : "?format=") + Drupal.encodeURIComponent(input.val());
+    var url = Drupal.settings.dateTime.lookup +(Drupal.settings.dateTime.lookup.match(/\?q=/) ? "&format=" : "?format=") + encodeURIComponent(input.val());
     $.getJSON(url, function(data) {
       $("div.description span", input.parent()).html(data);
     });
Index: modules/update/update.fetch.inc
===================================================================
RCS file: /cvs/drupal/drupal/modules/update/update.fetch.inc,v
retrieving revision 1.7.2.6
diff -u -p -r1.7.2.6 update.fetch.inc
--- modules/update/update.fetch.inc	9 Jun 2009 11:08:32 -0000	1.7.2.6
+++ modules/update/update.fetch.inc	12 Jul 2009 21:28:45 -0000
@@ -114,10 +114,10 @@ function _update_build_fetch_url($projec
   if (!empty($site_key) && (strpos($project['project_type'], 'disabled') === FALSE)) {
     $url .= (strpos($url, '?') === TRUE) ? '&' : '?';
     $url .= 'site_key=';
-    $url .= drupal_urlencode($site_key);
+    $url .= rawurlencode($site_key);
     if (!empty($project['info']['version'])) {
       $url .= '&version=';
-      $url .= drupal_urlencode($project['info']['version']);
+      $url .= rawurlencode($project['info']['version']);
     }
   }
   return $url;