search error handling & sanitize input for default fulltext

2025-11-17 18:50:41 +01:00 · 2019-04-02 22:52:42 +02:00
parent fe3a0bc756
commit ef1b32d586
3 changed files with 22 additions and 5 deletions
--- a/src/services/parse_filters.js
+++ b/src/services/parse_filters.js
@@ -45,18 +45,20 @@ function calculateSmartValue(v) {
 module.exports = function (searchText) {
    // if the string doesn't start with attribute then we consider it as just standard full text search
    if (!searchText.trim().startsWith("@")) {
+        const sanitizedSearchText = searchText.replace(/[^\w ]+/g, "");
+
        return [
            {
                relation: 'and',
                name: 'text',
                operator: '=',
-                value: searchText
+                value: sanitizedSearchText
            },
            {
                relation: 'or',
                name: 'noteId',
                operator: '=',
-                value: searchText
+                value: sanitizedSearchText
            }
        ]
    }