From a44953895cee5620253637f3194d4a1129f035d1 Mon Sep 17 00:00:00 2001 From: Tim Hostetler <6970899+thostetler@users.noreply.github.com> Date: Wed, 23 Feb 2022 01:39:45 -0500 Subject: [PATCH 1/2] escape unescaped & in feedback params --- src/js/apps/discovery/router.js | 18 ++++++++---------- 1 file changed, 8 insertions(+), 10 deletions(-) diff --git a/src/js/apps/discovery/router.js b/src/js/apps/discovery/router.js index 46cfb356c..5413289fc 100644 --- a/src/js/apps/discovery/router.js +++ b/src/js/apps/discovery/router.js @@ -99,18 +99,14 @@ define([ }, feedbackPage: function(subview, query) { - const q = new ApiQuery(); - if (query) { - try { - q.load(query); - } catch (e) { - // ignore query loading errors - } - } + // if necessary encode ampersands present in the bibcode + query = query.replace('&', encodeURIComponent('&')); + const params = new URLSearchParams(query); + this.routerNavigate(`ShowFeedback`, { subview, href: `#feedback/${subview}`, - bibcode: q.has('bibcode') ? q.get('bibcode')[0] : null, + bibcode: params.get('bibcode'), }); }, @@ -230,7 +226,9 @@ define([ this.routerNavigate('UserSettings', { subView: subView, }); - } else if (_.contains(['librarylink', 'orcid', 'application', 'export'], subView)) { + } else if ( + _.contains(['librarylink', 'orcid', 'application', 'export'], subView) + ) { // show preferences if no subview provided this.routerNavigate('UserPreferences', { subView: subView, From 9c92bbb86ed0cb3b69fbcc0b2b8b6e7cc5ad1e04 Mon Sep 17 00:00:00 2001 From: Tim Hostetler <6970899+thostetler@users.noreply.github.com> Date: Wed, 23 Feb 2022 01:44:09 -0500 Subject: [PATCH 2/2] submodule bump --- src/shared | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/shared b/src/shared index df3c735e5..8ef0c1da9 160000 --- a/src/shared +++ b/src/shared @@ -1 +1 @@ -Subproject commit df3c735e507537c34b9b92f6f1afd1e54c1c7517 +Subproject commit 8ef0c1da91459b42e7db9cd57cc2937f8b94f4c0