Merge pull request #5058 from betagouv/fix-search-sql

fix to_tsquery disallowed chars
This commit is contained in:
LeSim 2020-04-20 15:23:59 +02:00 committed by GitHub
commit 780df9944e
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
2 changed files with 7 additions and 1 deletions

View file

@ -62,8 +62,8 @@ class DossierSearchService
def self.to_tsquery(search_terms)
(search_terms || "")
.strip
.gsub(/['?\\:&|!<>\(\)]/, "") # drop disallowed characters
.strip
.split(/\s+/) # split words
.map { |x| "#{x}:*" } # enable prefix matching
.join(" & ")

View file

@ -198,5 +198,11 @@ describe DossierSearchService do
it { expect(subject.size).to eq(1) }
end
describe 'search with a single forbidden character should not crash postgres' do
let(:terms) { '? OCTO' }
it { expect(subject.size).to eq(3) }
end
end
end