From fc49aac02be91aafcb73b2f3bfab7e3ee133b1bc Mon Sep 17 00:00:00 2001
From: Jonathon Anderson <jonathon.anderson@colorado.edu>
Date: Wed, 24 Feb 2016 16:48:23 -0700
Subject: [PATCH] Do not consider `@' character url-safe

Usernames that have an `@'-separated domain component
break JupyterHub when the server expects to see query
strings that contain an `@', when browsers and other
clients send `%40'.
---
 jupyterhub/user.py | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/jupyterhub/user.py b/jupyterhub/user.py
index 66b3a944..5b47d32b 100644
--- a/jupyterhub/user.py
+++ b/jupyterhub/user.py
@@ -146,7 +146,7 @@ class User(HasTraits):
     @property
     def escaped_name(self):
         """My name, escaped for use in URLs, cookies, etc."""
-        return quote(self.name, safe='@')
+        return quote(self.name, safe='')
     
     @gen.coroutine
     def spawn(self, options=None):