Quick-fix for NUL in searches

This needs a more complete fix, but as a stop gap this fixes the quick
exposure.

diff --git a/pgweb/search/views.py b/pgweb/search/views.py
index fa65fd16121b65b230a0bf4eb8a7083dc0698407..4dc66500844d0955faf5cb46ba24655e776e27e6 100644 (file)
--- a/pgweb/search/views.py
+++ b/pgweb/search/views.py
@@ -130,6 +130,10 @@ def search(request):
                 'search_error': "No search term specified.",
             })
     query = request.GET['q'].strip()
+    if '\0' in query:
+        return render(request, 'search/sitesearch.html', {
+            'search_error': "Invalid character in search.",
+        })
 
     # Anti-stefan prevention
     if len(query) > 1000: