From 4ad089ef5407fadd98dc56906d0c092e7202b85e Mon Sep 17 00:00:00 2001 From: Bruno Roemers Date: Fri, 28 May 2021 15:40:20 +0200 Subject: [PATCH] 79698: Escape browse by author data requests --- src/app/core/browse/browse.service.spec.ts | 5 +++-- src/app/core/browse/browse.service.ts | 2 +- 2 files changed, 4 insertions(+), 3 deletions(-) diff --git a/src/app/core/browse/browse.service.spec.ts b/src/app/core/browse/browse.service.spec.ts index 89875b3069..a28add2e30 100644 --- a/src/app/core/browse/browse.service.spec.ts +++ b/src/app/core/browse/browse.service.spec.ts @@ -127,7 +127,8 @@ describe('BrowseService', () => { }); describe('getBrowseEntriesFor and findList', () => { - const mockAuthorName = 'Donald Smith'; + // should contain special characters such that url encoding can be tested as well + const mockAuthorName = 'Donald Smith & Sons'; beforeEach(() => { requestService = getMockRequestService(getRequestEntry$(true)); @@ -152,7 +153,7 @@ describe('BrowseService', () => { describe('when findList is called with a valid browse definition id', () => { it('should call hrefOnlyDataService.findAllByHref with the expected href', () => { - const expected = browseDefinitions[1]._links.items.href + '?filterValue=' + mockAuthorName; + const expected = browseDefinitions[1]._links.items.href + '?filterValue=' + encodeURIComponent(mockAuthorName); scheduler.schedule(() => service.getBrowseItemsFor(mockAuthorName, new BrowseEntrySearchOptions(browseDefinitions[1].id)).subscribe()); scheduler.flush(); diff --git a/src/app/core/browse/browse.service.ts b/src/app/core/browse/browse.service.ts index 7e55d381a6..ffc6f313b9 100644 --- a/src/app/core/browse/browse.service.ts +++ b/src/app/core/browse/browse.service.ts @@ -130,7 +130,7 @@ export class BrowseService { args.push(`startsWith=${options.startsWith}`); } if (isNotEmpty(filterValue)) { - args.push(`filterValue=${filterValue}`); + args.push(`filterValue=${encodeURIComponent(filterValue)}`); } if (isNotEmpty(args)) { href = new URLCombiner(href, `?${args.join('&')}`).toString();