a few too many quote's

pk = quote(getattr(obj, self.opts.pk.attname))
    self.url_helper.get_action_url('edit', quote(pk))   # < this was a little unneccessary, double function calls in multiple locations

CHANGELOG.txt

@@ -49,6 +49,7 @@ Changelog
  * Fix: Styles for submission filtering form now have a consistent height. (Thijs Kramer)
  * Fix: Custom user models with a primary key type requiring `get_db_prep_value` conversion are now supported (thenewguy)
  * Fix: Slicing a search result set no longer loses the annotation added by `annotate_score` (Karl Hobley)
+ * Fix: String-based primary keys are now escaped correctly in ModelAdmin URLs (Andreas Nüßlein)
 
 
 1.9 (16.02.2017)

docs/releases/1.10.rst

@@ -60,6 +60,7 @@ Bug fixes
  * The page type usage listing now have a translatable page title (Ramon de Jezus)
  * Styles for submission filtering form now have a consistent height. (Thijs Kramer)
  * Slicing a search result set no longer loses the annotation added by `annotate_score` (Karl Hobley)
+ * String-based primary keys are now escaped correctly in ModelAdmin URLs (Andreas Nüßlein)
 
 
 Upgrade considerations

wagtail/contrib/modeladmin/helpers/button.py

@@ -98,7 +98,7 @@ class ButtonHelper(object):
             classnames_exclude = []
         ph = self.permission_helper
         usr = self.request.user
-        pk = quote(getattr(obj, self.opts.pk.attname))
+        pk = getattr(obj, self.opts.pk.attname)
         btns = []
         if('inspect' not in exclude and ph.user_can_inspect_obj(usr, obj)):
             btns.append(
@@ -158,7 +158,7 @@ class PageButtonHelper(ButtonHelper):
             classnames_exclude = []
         ph = self.permission_helper
         usr = self.request.user
-        pk = quote(getattr(obj, self.opts.pk.attname))
+        pk = getattr(obj, self.opts.pk.attname)
         btns = []
         if('inspect' not in exclude and ph.user_can_inspect_obj(usr, obj)):
             btns.append(

wagtail/contrib/modeladmin/tests/test_simple_modeladmin.py

@@ -5,7 +5,7 @@ from django.contrib.auth import get_user_model
 from django.contrib.auth.models import Group
 from django.test import TestCase
 
-from wagtail.tests.modeladmintest.models import Author, Book, Publisher
+from wagtail.tests.modeladmintest.models import Author, Book, Publisher, Token
 from wagtail.tests.utils import WagtailTestUtils
 from wagtail.wagtailimages.models import Image
 from wagtail.wagtailimages.tests.utils import get_test_image_file
@@ -461,3 +461,26 @@ class TestEditorAccess(TestCase):
     def test_delete_post_permitted(self):
         response = self.client.post('/admin/modeladmintest/book/delete/2/')
         self.assertEqual(response.status_code, self.expected_status_code)
+
+
+class TestQuoting(TestCase, WagtailTestUtils):
+    fixtures = ['modeladmintest_test.json']
+    expected_status_code = 200
+
+    def setUp(self):
+        self.login()
+        self.tok_reg = Token.objects.create(key="RegularName")
+        self.tok_irr = Token.objects.create(key="Irregular_Name")
+
+    def test_action_links(self):
+        response = self.client.get('/admin/modeladmintest/token/')
+
+        self.assertContains(response, 'href="/admin/modeladmintest/token/edit/RegularName/"')
+        self.assertContains(response, 'href="/admin/modeladmintest/token/delete/RegularName/"')
+        self.assertContains(response, 'href="/admin/modeladmintest/token/edit/Irregular_5FName/"')
+        self.assertContains(response, 'href="/admin/modeladmintest/token/delete/Irregular_5FName/"')
+
+        response = self.client.get('/admin/modeladmintest/token/edit/Irregular_5FName/')
+        self.assertEqual(response.status_code, 200)
+        response = self.client.get('/admin/modeladmintest/token/delete/Irregular_5FName/')
+        self.assertEqual(response.status_code, 200)