[#34540] - URL encoding for search word in com_search
- Closed
- 17 Jun 2021
- Medium
- Build: staging
- # 34540
What needs to be fixed
In com_search/controller.php, the searched term isn't encoded when the server send redirection to the client.
The standard is to always encode those characters. A double urlencode() could fix it.
Why this should be fixed
This cause number of bugs with special characters, such as ampersand (place everything that follow it into a new URL parameter), and accents cause errors with some security protections, such as HAproxy's default configuration for accept-invalid-http-response.
How would you fix it
As stated before, replacing $post['searchword'] = $searchword; by $post['searchword'] = urlencode(urlencode($searchword)); fix the problem.
I created this issue to reference it in my Pull Request with the fix.
Side Effects expected
None, except some bugs or unexpected behavior to be gone
joomla-cms-bot
- | Labels |
Added:
?
|
||
| Status | New | ⇒ | Closed |
| Closed_Date | 0000-00-00 00:00:00 | ⇒ | 2021-06-17 15:39:40 |
| Closed_By | ⇒ | alikon |
Oh ok thank you, it was the first time I ever contribute to an Open Source project and I was scared to forget something, sorry about this
closing as we have a PR to test #34541
p.s?
@indyteo you don't need to open an issue if you submit a pull request