Improve JS course key validation to not allow special chars.

Course and Library keys cannot contiain !'()* special characters,
but the JS validation on the new course/library failed to detect
these characters.

`encodeURIComponent` is used to check the string for special characters,
but `encodeURIComponent` does not encode these characters: -_!~*'().
(see https://developer.mozilla.org/en-US/docs/Web/JavaScript/Reference/Global_Objects/encodeURIComponent)

The -_~ characters are allowed in course keys, but !'()* are not,
so add an explicit check for these characters to make sure a field
containing these characters does not pass the validation.

cms/static/js/spec/views/utils/view_utils_spec.js

@@ -40,5 +40,53 @@ define(["jquery", "underscore", "js/views/baseview", "js/views/utils/view_utils"
                     ViewHelpers.verifyNotificationShowing(notificationSpy, /Testing/);
                 });
             });
+
+            describe("course/library fields validation", function() {
+                describe("without unicode support", function() {
+                    it("validates presence of field", function() {
+                        var error = ViewUtils.validateURLItemEncoding('', false);
+                        expect(error).toBeTruthy();
+                    });
+
+                    it("checks for presence of special characters in the field", function() {
+                        var error;
+                        // Special characters are not allowed.
+                        error = ViewUtils.validateURLItemEncoding('my+field', false);
+                        expect(error).toBeTruthy();
+                        error = ViewUtils.validateURLItemEncoding('2014!', false);
+                        expect(error).toBeTruthy();
+                        error = ViewUtils.validateURLItemEncoding('*field*', false);
+                        expect(error).toBeTruthy();
+                        // Spaces not allowed.
+                        error = ViewUtils.validateURLItemEncoding('Jan 2014', false);
+                        expect(error).toBeTruthy();
+                        // -_~. are allowed.
+                        error = ViewUtils.validateURLItemEncoding('2015-Math_X1.0~', false);
+                        expect(error).toBeFalsy();
+                    });
+
+                    it("does not allow unicode characters", function() {
+                        var error = ViewUtils.validateURLItemEncoding('Field-\u010d', false);
+                        expect(error).toBeTruthy();
+                    });
+                });
+
+                describe("with unicode support", function() {
+                    it("validates presence of field", function() {
+                        var error = ViewUtils.validateURLItemEncoding('', true);
+                        expect(error).toBeTruthy();
+                    });
+
+                    it("checks for presence of spaces", function() {
+                        var error = ViewUtils.validateURLItemEncoding('My Field', true);
+                        expect(error).toBeTruthy();
+                    });
+
+                    it("allows unicode characters", function() {
+                        var error = ViewUtils.validateURLItemEncoding('Field-\u010d', true);
+                        expect(error).toBeFalsy();
+                    });
+                });
+            });
         });
     });

cms/static/js/views/utils/view_utils.js

@@ -199,7 +199,7 @@ define(["jquery", "underscore", "gettext", "js/views/feedback_notification", "js
                 }
             }
             else {
-                if (item !== encodeURIComponent(item)) {
+                if (item !== encodeURIComponent(item) || item.match(/[!'()*]/)) {
                     return gettext('Please do not use any spaces or special characters in this field.');
                 }
             }