Escape search term before passing it to Regexp.new (!6241)

author: winniehell <git@winniehell.de> 2016-09-07 15:16:22 +0200
committer: winniehell <git@winniehell.de> 2016-09-07 15:16:22 +0200
commit: e64e45db545242f033d6cb9636f61ab25e9a3ef2 (patch)
tree: ff7426b67ec2933268d9c5751a91734f1b10bc87 /app/helpers/search_helper.rb
parent: 0e3f7927d5b970ec18f8ce7a3a08ee0f9001f1d7 (diff)
download: gitlab-ce-e64e45db545242f033d6cb9636f61ab25e9a3ef2.tar.gz
1 files changed, 3 insertions, 1 deletions
diff --git a/app/helpers/search_helper.rb b/app/helpers/search_helper.rb
index 4549c2e5bb6..e523c46e879 100644
--- a/app/helpers/search_helper.rb
+++ b/app/helpers/search_helper.rb
@@ -7,8 +7,10 @@ module SearchHelper
       projects_autocomplete(term)
     ].flatten
 
+    search_pattern = Regexp.new(Regexp.escape(term), "i")
+
     generic_results = project_autocomplete + default_autocomplete + help_autocomplete
-    generic_results.select! { |result| result[:label] =~ Regexp.new(term, "i") }
+    generic_results.select! { |result| result[:label] =~ search_pattern }
 
     [
       resources_results,
author	winniehell <git@winniehell.de>	2016-09-07 15:16:22 +0200
committer	winniehell <git@winniehell.de>	2016-09-07 15:16:22 +0200
commit	e64e45db545242f033d6cb9636f61ab25e9a3ef2 (patch)
tree	ff7426b67ec2933268d9c5751a91734f1b10bc87 /app/helpers/search_helper.rb
parent	0e3f7927d5b970ec18f8ce7a3a08ee0f9001f1d7 (diff)
download	gitlab-ce-e64e45db545242f033d6cb9636f61ab25e9a3ef2.tar.gz