From e16d2fbf96a7f5eafccb6c2b3371041c69daf8c3 Mon Sep 17 00:00:00 2001 From: Peter Hofmann Date: Fri, 26 May 2017 18:05:48 +0200 Subject: [PATCH] Add missing call to g_uri_escape_string() Closes #47. --- CHANGES | 5 +++++ browser.c | 6 ++++-- 2 files changed, 9 insertions(+), 2 deletions(-) diff --git a/CHANGES b/CHANGES index 0b97335..f62ede2 100644 --- a/CHANGES +++ b/CHANGES @@ -1,5 +1,10 @@ Release history for lariza +next + [Fixed] + - User input is now properly escaped when used for keyword based + searching (fixes #47). + v17.05 2017-05-21 [Fixed] - Automatically adding the "file://" prefix didn't work (reliably) if diff --git a/browser.c b/browser.c index 19c6984..75688b9 100644 --- a/browser.c +++ b/browser.c @@ -880,7 +880,7 @@ keywords_try_search(WebKitWebView *web_view, const gchar *t) { gboolean ret = FALSE; gchar **tokens = NULL; - gchar *val = NULL, *uri = NULL; + gchar *val = NULL, *escaped = NULL, *uri = NULL; tokens = g_strsplit(t, " ", 2); if (tokens[0] != NULL && tokens[1] != NULL) @@ -888,9 +888,11 @@ keywords_try_search(WebKitWebView *web_view, const gchar *t) val = g_hash_table_lookup(keywords, tokens[0]); if (val != NULL) { - uri = g_strdup_printf((gchar *)val, tokens[1]); + escaped = g_uri_escape_string(tokens[1], NULL, TRUE); + uri = g_strdup_printf((gchar *)val, escaped); webkit_web_view_load_uri(web_view, uri); g_free(uri); + g_free(escaped); ret = TRUE; } } -- 2.39.2