9241b00bb206e322963c1af9d92138a836d909dd chmalee Mon Oct 31 13:49:01 2022 -0700 Fix off by one on redirect searches, fix lack of cgi encoding of search terms, refs #29693 diff --git src/hg/js/hgGateway.js src/hg/js/hgGateway.js index 914c974..c42a251 100644 --- src/hg/js/hgGateway.js +++ src/hg/js/hgGateway.js @@ -1534,31 +1534,31 @@ // Make a form and submit it. In order for this to work in IE, the form // must be appended to the body. $form = $('<form action="hgTracks" method=GET id="mainForm">' + '<input type=hidden name="hgsid" value="' + window.hgsid + '">' + '<input type=hidden name="org" value="' + uiState.genome + '">' + '<input type=hidden name="db" value="' + uiState.db + '">' + '<input type=hidden name="position" value="' + position + '">' + '<input type=hidden name="pix" value="' + pix + '">' + '</form>'); $('body').append($form); $form.submit(); } else { // User has entered a search term with no suggestion, go to the disambiguation // page so the user can choose a position $('.jwGoIcon').removeClass('fa-play').addClass('fa-spinner fa-spin'); - window.location.assign("../cgi-bin/hgSearch?search=" + searchTerm + "&hgsid="+ window.hgsid ); + window.location.assign("../cgi-bin/hgSearch?search=" + encodeURIComponent(searchTerm) + "&hgsid="+ window.hgsid ); } } function replaceHgsidInLinks() { // Substitute '$hgsid' with real hgsid in <a> href's. $('a').each(function(ix, aEl) { var href = aEl.getAttribute('href'); if (href && href.indexOf('$hgsid') >= 0) { aEl.setAttribute('href', href.replace('$hgsid', window.hgsid)); } }); } function displaySurvey() { // If hg.conf specifies a survey link, then hgGateway.c has set corresponding global vars.