Item406: WebSearch does not work with quoted word strings.
does not work with quoted word strings.
The reason is that URLPARAM inside a SEARCH
requires that encode="quote" is used.
Note that this is not triggered by the spec change of URLPARAM into using safe as default. Turning URLPARAM encoding off does not solve this.
You must use encode="quote".
This change is part of the XSS fix but I am putting it on a separate bug item so it gets visible in release note that the bug is fixed.
- 07 Dec 2008