From 593a9f464eb7c898dbc1467e7284cb8b6e08aa1f Mon Sep 17 00:00:00 2001
From: Magnus Hagander <magnus@hagander.net>
Date: Wed, 18 Nov 2020 16:39:24 +0100
Subject: [PATCH] Prevent NUL characters in both suburl and query

Previous fix only prevented them in the search query, not in the suburl
parameter.
---
 pgweb/search/views.py | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/pgweb/search/views.py b/pgweb/search/views.py
index 49dbbfbd..db26bf4b 100644
--- a/pgweb/search/views.py
+++ b/pgweb/search/views.py
@@ -130,7 +130,7 @@ def search(request):
                 'search_error': "No search term specified.",
             })
     query = request.GET['q'].strip()
-    if '\0' in query:
+    if '\0' in query or '\0' in suburl:
         return render(request, 'search/sitesearch.html', {
             'search_error': "Invalid character in search.",
         })
-- 
2.39.5