Skip to content

Commit

Permalink
escape parantheses in query
Browse files Browse the repository at this point in the history
  • Loading branch information
@tedw87
tedw87 committed Oct 25, 2024
1 parent dcdb41b commit 2f89198
Showing 1 changed file with 10 additions and 0 deletions.
10 changes: 10 additions & 0 deletions src/plone/restapi/search/handler.py
View file
Original file line number Diff line number Diff line change
Expand Up @@ -75,6 +75,10 @@ def _constrain_query_by_path(self, query):
path = "/".join(self.context.getPhysicalPath())
query["path"]["query"] = path

def quote_chars(self, query):
# Escape parentheses by adding backslashes before them
return query.replace('(', '').replace(')', '').strip()

def search(self, query=None):
if query is None:
query = {}
Expand All @@ -93,6 +97,12 @@ def search(self, query=None):
if use_site_search_settings:
query = self.filter_query(query)

if "SearchableText" in query:
# Sanitize SearchableText by removing parentheses
query["SearchableText"] = self.quote_chars(query["SearchableText"])
if not query["SearchableText"] or query["SearchableText"] == "*":
return []

self._constrain_query_by_path(query)
query = self._parse_query(query)

Expand Down

0 comments on commit 2f89198

Please sign in to comment.