Correctly escape search query

author: Dmitriy Zaporozhets <dmitriy.zaporozhets@gmail.com> 2013-10-31 16:35:06 +0200
committer: Dmitriy Zaporozhets <dmitriy.zaporozhets@gmail.com> 2013-11-01 14:14:33 +0200
commit: 31736e9be83da6cf45d5331790bd39b230bbc1f6 (patch)
tree: b5450c2aaad3cfb7d7d9c6457a820a0bb6bbbe4c
parent: a476bc7bc7bd902e4bc2dbf9d49d3f6cb9e61537 (diff)
download: gitlab-ce-31736e9be83da6cf45d5331790bd39b230bbc1f6.tar.gz
1 files changed, 2 insertions, 1 deletions
diff --git a/app/contexts/search_context.rb b/app/contexts/search_context.rb
index ff322978559..c07fdfe4c39 100644
--- a/app/contexts/search_context.rb
+++ b/app/contexts/search_context.rb
@@ -6,7 +6,8 @@ class SearchContext
   end
 
   def execute
-    query = Shellwords.shellescape(params[:search])
+    query = params[:search]
+    query = Shellwords.shellescape(query) if query.present?
 
     return result unless query.present?
author	Dmitriy Zaporozhets <dmitriy.zaporozhets@gmail.com>	2013-10-31 16:35:06 +0200
committer	Dmitriy Zaporozhets <dmitriy.zaporozhets@gmail.com>	2013-11-01 14:14:33 +0200
commit	31736e9be83da6cf45d5331790bd39b230bbc1f6 (patch)
tree	b5450c2aaad3cfb7d7d9c6457a820a0bb6bbbe4c
parent	a476bc7bc7bd902e4bc2dbf9d49d3f6cb9e61537 (diff)
download	gitlab-ce-31736e9be83da6cf45d5331790bd39b230bbc1f6.tar.gz