Correctly escape search query

author: Dmitriy Zaporozhets <dmitriy.zaporozhets@gmail.com> 2013-10-31 16:35:06 +0200
committer: Dmitriy Zaporozhets <dmitriy.zaporozhets@gmail.com> 2013-10-31 16:35:06 +0200
commit: b55f22afc042f937e26a2e019b9b60f66d347b34 (patch)
tree: 419d87b48f7cceb5b38654f436ed5d6a4ed4da94 /app/contexts
parent: 959863b92b3b362a2dfb267a4f7ec1cacb9d8ad2 (diff)
download: gitlab-ce-b55f22afc042f937e26a2e019b9b60f66d347b34.tar.gz
1 files changed, 2 insertions, 1 deletions
diff --git a/app/contexts/search_context.rb b/app/contexts/search_context.rb
index ff322978559..c07fdfe4c39 100644
--- a/app/contexts/search_context.rb
+++ b/app/contexts/search_context.rb
@@ -6,7 +6,8 @@ class SearchContext
   end
 
   def execute
-    query = Shellwords.shellescape(params[:search])
+    query = params[:search]
+    query = Shellwords.shellescape(query) if query.present?
 
     return result unless query.present?
author	Dmitriy Zaporozhets <dmitriy.zaporozhets@gmail.com>	2013-10-31 16:35:06 +0200
committer	Dmitriy Zaporozhets <dmitriy.zaporozhets@gmail.com>	2013-10-31 16:35:06 +0200
commit	b55f22afc042f937e26a2e019b9b60f66d347b34 (patch)
tree	419d87b48f7cceb5b38654f436ed5d6a4ed4da94 /app/contexts
parent	959863b92b3b362a2dfb267a4f7ec1cacb9d8ad2 (diff)
download	gitlab-ce-b55f22afc042f937e26a2e019b9b60f66d347b34.tar.gz