diff options
| author | Solirs <zcauchemar@gmail.com> | 2023-03-16 20:29:14 +0100 |
|---|---|---|
| committer | Markus Heiser <markus.heiser@darmarit.de> | 2023-03-17 08:46:00 +0100 |
| commit | fbb0e9d27509f30242c531c0d5e83c845f6a03eb (patch) | |
| tree | 3fb1eb60f78c14e14f198b4266e66502f028483c | |
| parent | 3e9cddc606f009f47b47b058a310c0f81df29228 (diff) | |
| download | searxng-fbb0e9d27509f30242c531c0d5e83c845f6a03eb.tar.gz searxng-fbb0e9d27509f30242c531c0d5e83c845f6a03eb.zip | |
[fix] server side error: escape backslashes in the query highlight_content
Any backslash escapes in the replacement are processed [1], backslashes should
be escaped [2].
[1] https://docs.python.org/3/library/re.html#re.sub
[2] https://docs.python.org/3/library/re.html#re.escape
closes:
- https://github.com/searxng/searxng/issues/2256
- https://github.com/searxng/searxng/issues/2250
| -rw-r--r-- | searx/webutils.py | 4 |
1 files changed, 3 insertions, 1 deletions
diff --git a/searx/webutils.py b/searx/webutils.py index 7b9a8045c..6c023ebc3 100644 --- a/searx/webutils.py +++ b/searx/webutils.py @@ -174,7 +174,9 @@ def highlight_content(content, query): queries.extend(re.findall(regex_highlight_cjk(qs), content, flags=re.I | re.U)) if len(queries) > 0: for q in set(queries): - content = re.sub(regex_highlight_cjk(q), f'<span class="highlight">{q}</span>', content) + content = re.sub( + regex_highlight_cjk(q), f'<span class="highlight">{q}</span>'.replace('\\', r'\\'), content + ) return content |