Bug #8284
Search parameters entered by user should not be escaped when returned in the search box.
| Status: | Verified | Start date: | 04/15/2015 | |
|---|---|---|---|---|
| Priority: | Medium | Due date: | ||
| Assignee: | Dan Gillean | % Done: | 0% | |
| Category: | Search / Browse | |||
| Target version: | Release 2.2.0 | |||
| Google Code Legacy ID: | Tested version: | 2.2 | ||
| Sponsored: | No | Requires documentation: |
Description
To reproduce
- In the global search box, enter a phrase in quotations to search exactly - e.g. "vancouver special"
- Press enter
- When the page reloads with results, the search box input is now escaped, and appears as:
"vancouver special"
- If you press enter again, and resubmit the query, it will keep escaping the escaped ampersand character, like so:
"vancouver special"
While I got no results the first time, pressing enter again returns results - meaning that the escaped characters are not being interpreted as quotations when resubmitted to elasticsearch, and "vancouver" OR "special" is now being searched.
Expected behavior
Ideally, we can find a way to make sure that the search query is preserved, without mitigating the security protections provided by #7647.
History
#1 Updated by José Raddaoui Marín about 7 years ago
- Status changed from New to QA/Review
- Assignee changed from José Raddaoui Marín to Dan Gillean