9241b00bb206e322963c1af9d92138a836d909dd
chmalee
  Mon Oct 31 13:49:01 2022 -0700
Fix off by one on redirect searches, fix lack of cgi encoding of search terms, refs #29693

diff --git src/hg/js/hgSearch.js src/hg/js/hgSearch.js
index 1e96808..7472965 100644
--- src/hg/js/hgSearch.js
+++ src/hg/js/hgSearch.js
@@ -743,31 +743,31 @@
         if (searchTerm !== undefined && searchTerm.length > 0) {
             // put up a loading image
             $("#searchBarSearchButton").after("<i id='spinner' class='fa fa-spinner fa-spin'></i>");
 
             // if the user entered a plain position string like chr1:blah-blah, just
             // go to the old cgi/hgTracks
             var canonMatch = searchTerm.match(canonicalRangeExp);
             var gbrowserMatch = searchTerm.match(gbrowserRangeExp);
             var lengthMatch = searchTerm.match(lengthRangeExp);
             var bedMatch = searchTerm.match(bedRangeExp);
             var sqlMatch = searchTerm.match(sqlRangeExp);
             var singleMatch = searchTerm.match(singleBaseExp);
             var positionMatch = canonMatch || gbrowserMatch || lengthMatch || bedMatch || sqlMatch || singleMatch;
             if (positionMatch !== null) {
                 var prevCgi = uiState.prevCgi !== undefined ? uiState.prevCgi : "hgTracks";
-                window.location.replace("../cgi-bin/" + prevCgi + "?db=" + db + "position=" + searchTerm);
+                window.location.replace("../cgi-bin/" + prevCgi + "?db=" + db + "position=" + encodeURIComponent(searchTerm));
                 return;
             }
 
             _.assign(uiState, {"search": searchTerm});
             cart.send({ getSearchResults:
                         {
                         db: db,
                         search: searchTerm
                         }
                     },
                     handleRefreshState,
                     handleErrorState);
             // always update the results when a search has happened
             cart.flush();
         }