hazza/DSpace
1
0
Fork 0
mirror of https://github.com/DSpace/DSpace.git synced 2025-10-18 15:33:09 +00:00
Code Issues Packages Projects Releases Wiki Activity

Escape special characters in JSPUI queries as well

Browse Source
This commit is contained in:
Tim Donohue
2015-07-09 18:51:40 +00:00
parent b04b3f867d
commit 044f1716af
1 changed files with 2 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
dspace-jspui/src/main/java/org/dspace/app/webui/discovery/DiscoverUtility.java
View File

@@ -225,6 +225,8 @@ public class DiscoverUtility
String query = request.getParameter("query"); String query = request.getParameter("query");
if (StringUtils.isNotBlank(query)) if (StringUtils.isNotBlank(query))
{ {
// Escape any special characters in this user-entered query
query = SearchUtils.getSearchService().escapeQueryChars(query);
queryArgs.setQuery(query); queryArgs.setQuery(query);
} }