IDs used in URLs for full-record links are properly CQL-quoted.

author Mike Taylor <mike@indexdata.com>

Wed, 19 Dec 2012 10:00:52 +0000 (10:00 +0000)

committer Mike Taylor <mike@indexdata.com>

Wed, 19 Dec 2012 10:00:52 +0000 (10:00 +0000)
author Mike Taylor <mike@indexdata.com>
Wed, 19 Dec 2012 10:00:52 +0000 (10:00 +0000)
committer Mike Taylor <mike@indexdata.com>
Wed, 19 Dec 2012 10:00:52 +0000 (10:00 +0000)
diff --git a/web/htdocs/details/found.mc b/web/htdocs/details/found.mc

index e4312fb..84735fc 100644 (file)
--- a/web/htdocs/details/found.mc
+++ b/web/htdocs/details/found.mc
@@ -124,7 +124,7 @@ push @ids, $id;
  </%perl>
        <tr style="background: <% ($i % 2) ? '#ffffc0' : 'white' %>">
         <td><% $i %></td>
-       <td><a href="<% xml_encode("/full.html?id=" . uri_escape_utf8($id))
+       <td><a href="<% xml_encode("/full.html?id==" . uri_escape_utf8(cql_quote($id)))
                 %>"><% xml_encode($title) %></a></td>
         <td><% xml_encode($reliability, "", { nbsp => 1 }) %></td>
         <td><% xml_encode($host, "") %></td>
author	Mike Taylor <mike@indexdata.com>
	Wed, 19 Dec 2012 10:00:52 +0000 (10:00 +0000)
committer	Mike Taylor <mike@indexdata.com>
	Wed, 19 Dec 2012 10:00:52 +0000 (10:00 +0000)