[fix] autocomplete encoding

This commit is contained in:
Adam Tauber 2014-03-29 17:04:33 +01:00
parent 879bac8adb
commit 8e2d996e27
2 changed files with 12 additions and 13 deletions

View File

@ -1,13 +1,15 @@
from lxml import etree from lxml import etree
from requests import get from requests import get
from json import loads from json import loads
from urllib import urlencode
def dbpedia(query): def dbpedia(query):
# dbpedia autocompleter # dbpedia autocompleter
autocomplete_url = 'http://lookup.dbpedia.org/api/search.asmx/KeywordSearch?QueryString={q}' # noqa autocomplete_url = 'http://lookup.dbpedia.org/api/search.asmx/KeywordSearch?' # noqa
response = get(autocomplete_url.format(q=query)) response = get(autocomplete_url
+ urlencode(dict(QueryString=query)))
results = [] results = []
@ -21,14 +23,15 @@ def dbpedia(query):
def google(query): def google(query):
# google autocompleter # google autocompleter
autocomplete_url = 'http://suggestqueries.google.com/complete/search?client=toolbar&q={q}' # noqa autocomplete_url = 'http://suggestqueries.google.com/complete/search?client=toolbar&' # noqa
response = get(autocomplete_url.format(q=query)) response = get(autocomplete_url
+ urlencode(dict(q=query)))
results = [] results = []
if response.ok: if response.ok:
dom = etree.fromstring(response.content) dom = etree.fromstring(response.text)
results = dom.xpath('//suggestion/@data') results = dom.xpath('//suggestion/@data')
return results return results
@ -36,9 +39,9 @@ def google(query):
def wikipedia(query): def wikipedia(query):
# wikipedia autocompleter # wikipedia autocompleter
url = 'https://en.wikipedia.org/w/api.php?action=opensearch&search={q}&limit=10&namespace=0&format=json' # noqa url = 'https://en.wikipedia.org/w/api.php?action=opensearch&{0}&limit=10&namespace=0&format=json' # noqa
resp = loads(get(url.format(q=query)).text) resp = loads(get(url.format(urlencode(dict(q=query)))).text)
return resp[1] return resp[1]

View File

@ -252,7 +252,7 @@ def autocompleter():
request_data = request.args request_data = request.args
# TODO fix XSS-vulnerability # TODO fix XSS-vulnerability
query = request_data.get('q') query = request_data.get('q', '').encode('utf-8')
if not query: if not query:
return return
@ -262,11 +262,7 @@ def autocompleter():
if not completer: if not completer:
return return
try:
results = completer(query) results = completer(query)
except Exception, e:
print e
results = []
if request_data.get('format') == 'x-suggestions': if request_data.get('format') == 'x-suggestions':
return Response(json.dumps([query, results]), return Response(json.dumps([query, results]),