laravel-datatables
laravel-datatables copied to clipboard
yajra
fix: encode search keyword
Note: need to review as encoding the keyword is a change in behavior and might cause a breaking change.
SonarCloud Quality Gate failed. 
0 Bugs
0 Vulnerabilities
0 Security Hotspots
0 Code Smells
No Coverage information
48.1% Duplication
![sonarqubecloud[bot] avatar](https://avatars.githubusercontent.com/in/12526?v=4 "Published by a pub.dev verified publisher"){kind=small}
@dyaskur thanks for the review. However, adding is_encoded:true in the script will not affect the serverSide implementation as the js library will not send it back in the ajax request.
How about if we add another control on a column level that toggles encoded search? Maybe something like:
->encodedSearch(['col1', 'col2'])
I see, I thought datatable will send all column attribute to the ajax request. If can't send by client side, we need to set it on server side. And I think your idea looks good.
@yajra , recently came up with a similar solution while debugging a weird behavior with the collection as a source. This change adds equality to a search input and modified collection at DataProcessor escapeRow which uses laravel's e() func.
Any estimates on when this will be merged?
@aravael, would you be able to test this and see the impact on your existing project? Would you approve this PR?
Hi @yajra . Recently managed to test it, can't approve this patch. Though it fixes the collection search, it breaks the builder source. Since we sanitize the input with e(), the database data are still not modified, therefore not found the result.
It works with a collection because both the collection and input sanitized. In case of builder source it doesn't work that way. Need to process that out.