1
0
mirror of https://github.com/oceanprotocol/commons.git synced 2023-03-15 18:03:00 +01:00

Merge pull request #114 from oceanprotocol/fix/user-input

sanitize search input
This commit is contained in:
Matthias Kretschmann 2019-04-29 18:43:55 +02:00 committed by GitHub
commit 23bebcb39a
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
2 changed files with 19 additions and 12 deletions

View File

@ -54,7 +54,9 @@ class Home extends Component<HomeProps, HomeState> {
private searchAssets = (event: FormEvent<HTMLFormElement>) => { private searchAssets = (event: FormEvent<HTMLFormElement>) => {
event.preventDefault() event.preventDefault()
this.props.history.push(`/search?text=${this.state.search}`) this.props.history.push(
`/search?text=${JSON.stringify(this.state.search)}`
)
} }
} }

View File

@ -20,6 +20,7 @@ interface SearchState {
totalPages: number totalPages: number
currentPage: number currentPage: number
isLoading: boolean isLoading: boolean
searchTerm: string
} }
export default class Search extends PureComponent<SearchProps, SearchState> { export default class Search extends PureComponent<SearchProps, SearchState> {
@ -29,18 +30,22 @@ export default class Search extends PureComponent<SearchProps, SearchState> {
offset: 25, offset: 25,
totalPages: 1, totalPages: 1,
currentPage: 1, currentPage: 1,
isLoading: true isLoading: true,
searchTerm: ''
} }
private readonly searchTerm = queryString.parse(this.props.location.search)
.text
private readonly searchPage = queryString.parse(this.props.location.search)
.page
public async componentDidMount() { public async componentDidMount() {
const searchTerm = await queryString.parse(this.props.location.search)
.text
const searchPage = queryString.parse(this.props.location.search).page
await this.setState({
searchTerm: JSON.stringify(searchTerm)
})
// switch to respective page if query string is present // switch to respective page if query string is present
if (this.searchPage) { if (searchPage) {
const currentPage = Number(this.searchPage) const currentPage = Number(searchPage)
await this.setState({ currentPage }) await this.setState({ currentPage })
} }
@ -52,7 +57,7 @@ export default class Search extends PureComponent<SearchProps, SearchState> {
offset: this.state.offset, offset: this.state.offset,
page: this.state.currentPage, page: this.state.currentPage,
query: { query: {
text: [this.searchTerm], text: [this.state.searchTerm],
price: [-1, 1] price: [-1, 1]
}, },
sort: { sort: {
@ -78,7 +83,7 @@ export default class Search extends PureComponent<SearchProps, SearchState> {
this.props.history.push({ this.props.history.push({
pathname: this.props.location.pathname, pathname: this.props.location.pathname,
search: `?text=${this.searchTerm}&page=${toPage}` search: `?text=${this.state.searchTerm}&page=${toPage}`
}) })
await this.setState({ currentPage: toPage, isLoading: true }) await this.setState({ currentPage: toPage, isLoading: true })
@ -108,7 +113,7 @@ export default class Search extends PureComponent<SearchProps, SearchState> {
className={styles.resultsTitle} className={styles.resultsTitle}
dangerouslySetInnerHTML={{ dangerouslySetInnerHTML={{
__html: `${totalResults} results for <span>${ __html: `${totalResults} results for <span>${
this.searchTerm this.state.searchTerm
}</span>` }</span>`
}} }}
/> />