9241b00bb206e322963c1af9d92138a836d909dd chmalee Mon Oct 31 13:49:01 2022 -0700 Fix off by one on redirect searches, fix lack of cgi encoding of search terms, refs #29693 diff --git src/hg/js/hgTracks.js src/hg/js/hgTracks.js index 2374116..e69635e 100644 --- src/hg/js/hgTracks.js +++ src/hg/js/hgTracks.js @@ -4498,31 +4498,31 @@ if (dnaRe.test(newPos)) { var blatUrl = "hgBlat?type=BLAT%27s+guess&userSeq="+newPos; window.location.href = blatUrl; return false; } // redirect to search disambiguation page if it looks like we didn't enter a regular position: var canonMatch = newPos.match(canonicalRangeExp); var gbrowserMatch = newPos.match(gbrowserRangeExp); var lengthMatch = newPos.match(lengthRangeExp); var bedMatch = newPos.match(bedRangeExp); var sqlMatch = newPos.match(sqlRangeExp); var singleMatch = newPos.match(singleBaseExp); var positionMatch = canonMatch || gbrowserMatch || lengthMatch || bedMatch || sqlMatch || singleMatch; if (positionMatch === null) { - window.location.assign("../cgi-bin/hgSearch?search=" + newPos + "&hgsid=" + getHgsid()); + window.location.assign("../cgi-bin/hgSearch?search=" + encodeURIComponent(newPos) + "&hgsid=" + getHgsid()); return false; } return true; }); // Have vis box changes update cart through ajax. This helps keep page/cart in sync. vis.initForAjax(); // We reach here from these possible paths: // A) Forward: Full page retrieval: hgTracks is first navigated to (or chrom change) // B) Back-button past a full retrieval (B in: ->A,->b,->c(full page),->d,<-c,<-B(again)) // B1) Dirty page: at least one non-position change (e.g. 1 track vis changed in b) // B2) Clean page: only position changes from A->b->| var curPos = encodeURIComponent(genomePos.get().replace(/,/g,'')); var curDbPos = hgTracks.lastDbPos;