From de873385087d0dd8c916067ed866ce775f9677db Mon Sep 17 00:00:00 2001
From: chiu
Date: Sun, 26 Apr 2020 12:35:04 +0800
Subject: [PATCH] add xss protection to search
---
 app/controllers/personal_journals_controller.rb | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/app/controllers/personal_journals_controller.rb b/app/controllers/personal_journals_controller.rb
index b766e5d..4cd3954 100644
--- a/app/controllers/personal_journals_controller.rb
+++ b/app/controllers/personal_journals_controller.rb
@@ -116,7 +116,7 @@ class PersonalJournalsController < ApplicationController
 'url' => '/' + I18n.locale.to_s + params[:url],
 'select_text' => select_text,
 'search_text' => search_text,
- 'search_value' => params[:keywords],
+ 'search_value' => params[:keywords].gsub(/\"/,''),
 'csrf_value' => csrf_value }, 'total_pages' => journal_papers_total_pages, 'choice' => choice
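Review bot: Stripping only `"` from `params[:keywords]` on the new `'search_value'` line is a partial denylist rather than output encoding: `<`, `>`, `'` and `&` still pass through unchanged, so whether the value is safe depends on the context it is rendered into, which this hunk does not show. The call also raises NoMethodError when `keywords` is absent, and will fail or behave unexpectedly if it arrives as an array or hash, because `gsub` is invoked directly on the raw parameter. I would keep the controller value as `'search_value' => params[:keywords].to_s,` and encode at the point of emission (`ERB::Util.html_escape(...)` for HTML text or attribute values, `to_json` with `json_escape` if it is placed inside a script block), which also preserves quoted phrases the user typed into the search box. The enclosing method starts and ends outside the hunk, so the template or serializer that consumes `search_value` should be checked as part of this change.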