Search parameters entered by user should not be escaped when returned in the search box.
|Assignee:||Dan Gillean||% Done:|
|Category:||Search / Browse|
|Target version:||Release 2.2.0|
|Google Code Legacy ID:||Tested version:||2.2|
- In the global search box, enter a phrase in quotations to search exactly - e.g. "vancouver special"
- Press enter
- When the page reloads with results, the search box input is now escaped, and appears as:
- If you press enter again, and resubmit the query, it will keep escaping the escaped ampersand character, like so:
While I got no results the first time, pressing enter again returns results - meaning that the escaped characters are not being interpreted as quotations when resubmitted to elasticsearch, and "vancouver" OR "special" is now being searched.
Ideally, we can find a way to make sure that the search query is preserved, without mitigating the security protections provided by #7647.