Item406: WebSearch does not work with quoted word strings.
Priority: Urgent
Current State: Closed
Released In: 1.0.0
Target Release: patch
Applies To: Engine
Component:
Branches:
WebSearch does not work with quoted word strings.
The reason is that URLPARAM inside a
SEARCH requires that encode="quote" is used.
Note that this is not triggered by the spec change of URLPARAM into using safe as default. Turning URLPARAM encoding off does not solve this.
You must use encode="quote".
This change is part of the XSS fix but I am putting it on a separate bug item so it gets visible in release note that the bug is fixed.
--
KennethLavrsen - 07 Dec 2008