github-mirror/discourse
2
0
Fork 0
mirror of https://github.com/discourse/discourse.git synced 2025-05-21 18:12:32 +08:00
Code Issues Actions 1 Packages Projects Releases Wiki Activity

FIX: Prevent tricking the search from ignoring minimum lengths

Browse Source
This commit is contained in:
Robin Ward
2016-08-09 14:48:39 -04:00
parent c1125c8649
commit 28436a604a
3 changed files with 47 additions and 10 deletions
Download Patch File Download Diff File Expand all files Collapse all files

27
spec/components/search_spec.rb
View File

@ -61,8 +61,31 @@ describe Search do
end
it 'does not search when the search term is too small' do
ActiveRecord::Base.expects(:exec_sql).never
Search.execute('evil', min_search_term_length: 5)
search = Search.new('evil', min_search_term_length: 5)
search.execute
expect(search.valid?).to eq(false)
expect(search.term).to eq('')
end
it 'does not search for multiple small terms' do
search = Search.new('a b c d', min_search_term_length: 5)
search.execute
expect(search.valid?).to eq(false)
expect(search.term).to eq('')
end
it 'searches for quoted short terms' do
search = Search.new('"a b c d"', min_search_term_length: 5)
search.execute
expect(search.valid?).to eq(true)
expect(search.term).to eq('"a b c d"')
end
it 'discards short terms' do
search = Search.new('a b c okaylength', min_search_term_length: 5)
search.execute
expect(search.valid?).to eq(true)
expect(search.term).to eq('okaylength')
end
it 'escapes non alphanumeric characters' do