When setting the title of a custom search page, you can use the token '%terms' to insert the user's search terms into the title.
However, these get output with double escaping. For example, a search for "<>chief O'Brien<b>" produces the page title: "Search: <b>Chief O'Brien<b>". In particular, the apostrophe is output incorrectly.
The source of this bug is in apachesolr_search_get_value_title(). This is used as a title callback for the search page, and in apachesolr_search_menu_alter() is passed to the 'title callback' property of the menu items.
apachesolr_search_get_value_title() uses t() with a '@terms' placeholder, which runs the search terms through check_plain().
However, drupal_get_title() already has provision for sanitizing the page title, unless drupal_set_title() was called with the PASS_THROUGH option. We can't change the call to drupal_set_title(), as we're providing a menu title callback, so we shouldn't be escaping the string ourselves, but returning it raw.
Comment | File | Size | Author |
---|---|---|---|
#6 | apacheslr-2626686-6.patch | 396 bytes | douggreen |
| |||
#4 | 2626686.apachesolr.search-terms-title-double-escape-3.patch | 544 bytes | mausolos |
#2 | 2626686.apachesolr.search-terms-title-double-escape.patch | 871 bytes | joachim |
Comments
Comment #2
joachim CreditAttribution: joachim commentedComment #3
mausolos CreditAttribution: mausolos commentedThis did not solve the problem for me.
This, however, did:
Comment #4
mausolos CreditAttribution: mausolos commentedHere's the patch.
Comment #6
douggreen CreditAttribution: douggreen at Tag1 Consulting commentedUpdated patch is relative to the module and not docroot, so that it applies cleanly.