diff --git a/frontends/etiquette_flask/templates/search.html b/frontends/etiquette_flask/templates/search.html index 2db1047..00eec33 100644 --- a/frontends/etiquette_flask/templates/search.html +++ b/frontends/etiquette_flask/templates/search.html @@ -522,20 +522,20 @@ function submit_search() add_searchtag_from_box(input_forbids, inputted_forbids, "search_builder_forbids_inputted"); let has_tag_params = false; - const musts = simplify_tagnames(inputted_musts).join(","); + const musts = simplify_tagnames(inputted_musts).map(encodeURIComponent).join(","); if (musts) {parameters.push("tag_musts=" + musts); has_tag_params = true;} - const mays = simplify_tagnames(inputted_mays).join(","); + const mays = simplify_tagnames(inputted_mays).map(encodeURIComponent).join(","); if (mays) {parameters.push("tag_mays=" + mays); has_tag_params = true;} - const forbids = simplify_tagnames(inputted_forbids).join(","); + const forbids = simplify_tagnames(inputted_forbids).map(encodeURIComponent).join(","); if (forbids) {parameters.push("tag_forbids=" + forbids); has_tag_params = true;} const expression = document.getElementsByName("tag_expression")[0].value; if (expression) { //expression = expression.replace(new RegExp(" ", 'g'), "-"); - parameters.push("tag_expression=" + expression); + parameters.push("tag_expression=" + encodeURIComponent(expression)); has_tag_params = true; } @@ -667,7 +667,7 @@ const inputted_forbids = []; {% set key="tag_" + tagtype %} {% if search_kwargs[key] %} {% for tag in search_kwargs[key] %} - inputted_{{tagtype}}.push("{{tag.name}}"); + inputted_{{tagtype}}.push("{{tag.name|safe}}"); {% endfor %} {% endif %} {% endfor %} diff --git a/frontends/etiquette_flask/templates/tag_object.html b/frontends/etiquette_flask/templates/tag_object.html index d4fa9b5..e315d12 100644 --- a/frontends/etiquette_flask/templates/tag_object.html +++ b/frontends/etiquette_flask/templates/tag_object.html @@ -25,10 +25,10 @@ ) -%} {%- set href = { - "search": "/search?tag_musts=" + tag.name, - "search_musts": "/search?tag_musts=" + tag.name, - "search_mays": "/search?tag_mays=" + tag.name, - "search_forbids": "/search?tag_forbids=" + tag.name, + "search": "/search?tag_musts=" + (tag.name|urlencode), + "search_musts": "/search?tag_musts=" + (tag.name|urlencode), + "search_mays": "/search?tag_mays=" + (tag.name|urlencode), + "search_forbids": "/search?tag_forbids=" + (tag.name|urlencode), "info": "/tag/" + tag.name, None: None, }.get(link, link)