From 45e8b1c8fe0b6daee71fac6fcbfc1260d3dd9849 Mon Sep 17 00:00:00 2001
From: "Pablo H. Paladino" <paladinop@gmail.com>
Date: Wed, 13 Jul 2022 17:25:14 -0300
Subject: [PATCH] sanitize search terms

---
 packages/cms/src/api/searchRoute.js | 9 ++++++++-
 1 file changed, 8 insertions(+), 1 deletion(-)

diff --git a/packages/cms/src/api/searchRoute.js b/packages/cms/src/api/searchRoute.js
index d9b47d8b7..64d4da9f0 100644
--- a/packages/cms/src/api/searchRoute.js
+++ b/packages/cms/src/api/searchRoute.js
@@ -580,7 +580,14 @@ module.exports = function(app) {
         const {searchIndexByLocale} = app.settings.cache;
 
         if (useLUNR && searchIndexByLocale[locale]) {
-          const terms = query.split(" ").map(d => `+${d}~1*`).join(" ");
+          const terms = query
+            .replace(/[\+\-\~\*\:\^]/g, ' ') //Remove special characters that are reserved by Lunr https://lunrjs.com/guides/searching.html
+            .split(" ") //Split into individual terms
+            .filter(d => d.trim() !== '') //Remove empty trimmed terms
+            .map(d => `+${d}~1*`) //Add wildcard to each term
+            .join(" "); //Join back into a single string
+
+          // Perform the search using lunr index
           const lunrResults = searchIndexByLocale[locale].search(terms);
           contentIds = lunrResults.map(d => d.ref);
         }