2 files changed, 10 insertions, 4 deletions

diff --git a/actionpack/lib/action_dispatch/routing/route_set.rb b/actionpack/lib/action_dispatch/routing/route_set.rb
index 57a73dde75..97fe137633 100644
--- a/actionpack/lib/action_dispatch/routing/route_set.rb
+++ b/actionpack/lib/action_dispatch/routing/route_set.rb
@@ -447,7 +447,7 @@ module ActionDispatch
 
         # ROUTES TODO: This can be called directly, so script_name should probably be set in the router
         rewritten_url << (options[:trailing_slash] ? path.sub(/\?|\z/) { "/" + $& } : path)
-        rewritten_url << "##{Rack::Utils.escape(options[:anchor].to_param.to_s)}" if options[:anchor]
+        rewritten_url << "##{Rack::Mount::Utils.escape_uri(options[:anchor].to_param.to_s)}" if options[:anchor]
 
         rewritten_url
       end
diff --git a/actionpack/test/controller/url_for_test.rb b/actionpack/test/controller/url_for_test.rb
index 907acf9573..4b30b0af36 100644
--- a/actionpack/test/controller/url_for_test.rb
+++ b/actionpack/test/controller/url_for_test.rb
@@ -34,9 +34,15 @@ module AbstractController
         )
       end
 
-      def test_anchor_should_be_cgi_escaped
-        assert_equal('/c/a#anc%2Fhor',
-          W.new.url_for(:only_path => true, :controller => 'c', :action => 'a', :anchor => Struct.new(:to_param).new('anc/hor'))
+      def test_anchor_should_escape_unsafe_pchar
+        assert_equal('/c/a#%23anchor',
+          W.new.url_for(:only_path => true, :controller => 'c', :action => 'a', :anchor => Struct.new(:to_param).new('#anchor'))
+        )
+      end
+
+      def test_anchor_should_not_escape_safe_pchar
+        assert_equal('/c/a#name=user&email=user@domain.com',
+          W.new.url_for(:only_path => true, :controller => 'c', :action => 'a', :anchor => Struct.new(:to_param).new('name=user&email=user@domain.com'))
         )
       end