diff options
Diffstat (limited to 'lib/PublicInbox/SearchQuery.pm')
-rw-r--r-- | lib/PublicInbox/SearchQuery.pm | 24 |
1 files changed, 15 insertions, 9 deletions
diff --git a/lib/PublicInbox/SearchQuery.pm b/lib/PublicInbox/SearchQuery.pm index 0f360500..747e3249 100644 --- a/lib/PublicInbox/SearchQuery.pm +++ b/lib/PublicInbox/SearchQuery.pm @@ -1,12 +1,12 @@ -# Copyright (C) 2015-2021 all contributors <meta@public-inbox.org> +# Copyright (C) all contributors <meta@public-inbox.org> # License: AGPL-3.0+ <https://www.gnu.org/licenses/agpl-3.0.txt> -# used by PublicInbox::SearchView +# used by PublicInbox::SearchView and PublicInbox::WwwListing package PublicInbox::SearchQuery; use strict; use v5.10.1; use URI::Escape qw(uri_escape); -use PublicInbox::MID qw(MID_ESC); +use PublicInbox::Hval qw(ascii_html); our $LIM = 200; sub new { @@ -16,10 +16,11 @@ sub new { my $t = $qp->{t}; # collapse threads my ($l) = (($qp->{l} || '') =~ /([0-9]+)/); $l = $LIM if !$l || $l > $LIM; + my ($o) = (($qp->{o} || '0') =~ /(-?[0-9]+)/); bless { q => $qp->{'q'}, x => $qp->{x} || '', - o => (($qp->{o} || '0') =~ /(-?[0-9]+)/), + o => $o, l => $l, r => (defined $r && $r ne '0'), t => (defined $t && $t ne '0'), @@ -32,11 +33,16 @@ sub qs_html { if (scalar(keys(%override))) { $self = bless { (%$self, %override) }, ref($self); } - - my $q = uri_escape($self->{'q'}, MID_ESC); - $q =~ s/%20/+/g; # improve URL readability - my $qs = "q=$q"; - + my $qs = ''; + if (defined(my $q = $self->{'q'})) { + # not using MID_ESC since that's for the path component and + # this is for the query component. Unlike MID_ESC, + # this disallows [\&\'\+=] and allows slash [/] for + # nicer looking dfn: queries + $q = uri_escape($q, '^A-Za-z0-9\-\._~!\$\(\)\*,;:@/'); + $q =~ s/%20/+/g; # improve URL readability + $qs .= 'q='.ascii_html($q); + } if (my $o = $self->{o}) { # ignore o == 0 $qs .= "&o=$o"; } |