From 162d7d70740cf837a319cfbce8f33b3073b91731 Mon Sep 17 00:00:00 2001
From: Giuseppe Pignataro <16869546+Fastbyte01@users.noreply.github.com>
Date: Fri, 27 Jun 2025 23:52:04 +0200
Subject: [PATCH] fix: sanitize search query when rendering

---
assets/js/theme.js | 18 ++++++++++++++++--
src/js/theme.js | 16 ++++++++++++++--
2 files changed, 30 insertions(+), 4 deletions(-)

diff --git a/assets/js/theme.js b/assets/js/theme.js
index 72dcd691..3cf17281 100644
--- a/assets/js/theme.js
+++ b/assets/js/theme.js
@@ -30,6 +30,12 @@ class Util {
if (!reserved) element.addEventListener('animationend', handler, false);
}
+ escapeHTML(str) {
+ const div = document.createElement('div');
+ div.textContent = str;
+ return div.innerHTML;
+ }
+
}
class Theme {
@@ -319,10 +325,18 @@ class Theme {
title,
date,
context
- }) => `
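Review bot: The new `escapeHTML` in Util is safe for text nodes only — serialising `textContent` back through `innerHTML` encodes `&`, `<` and `>` but leaves `"` and `'` untouched, so a caller that drops the result into an attribute value is still exposed; the same helper is added to src/js/theme.js in the `@@ -26,6 +26,12 @@` hunk. A plain replacement covers both contexts and needs no throwaway element: `return String(str ?? '').replace(/[&<>"']/g, (c) => ({ '&': '&amp;', '<': '&lt;', '>': '&gt;', '"': '&quot;', "'": '&#39;' })[c]);`. Whichever form is kept, the method deserves a comment naming its contract, e.g. `// Escapes a string for HTML text content; not sufficient on its own for attribute values or URL parameters.`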
${title}${date}
${context}
`,
+ }, {
+ query
+ }) => {
+ const safeQuery = this.util.escapeHTML(query);
+ return `
${title}${date}
${context}
`;
+ },
empty: ({
query
- }) => `
${searchConfig.noResultsFound}: "${query}"
`,
+ }) => {
+ const safeQuery = this.util.escapeHTML(query);
+ return `
${searchConfig.noResultsFound}: "${safeQuery}"
`;
+ },
footer: ({}) => {
const {
searchType,
diff --git a/src/js/theme.js b/src/js/theme.js
index c45cfee5..0cd06eca 100644
--- a/src/js/theme.js
+++ b/src/js/theme.js
@@ -26,6 +26,12 @@ class Util {
};
if (!reserved) element.addEventListener('animationend', handler, false);
}
+
+ escapeHTML(str) {
+ const div = document.createElement('div');
+ div.textContent = str;
+ return div.innerHTML;
+ }
}
class Theme {
@@ -272,8 +278,14 @@ class Theme {
}
},
templates: {
- suggestion: ({ title, date, context }) => `
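Review bot: `safeQuery` is escaped for HTML text context, but the markup the `suggestion` template interpolates it into is not visible in this hunk, and `escapeHTML` does not neutralise quotes — if the value ends up inside an attribute (for instance a link carrying the query) it needs attribute-safe escaping, or `encodeURIComponent` when it is a URL parameter. `title`, `date` and `context` are still interpolated raw; that is presumably deliberate because `context` may carry highlight markup from the local index, but the asymmetry warrants a comment at the template such as `// only the user-typed query is escaped here; title/context come from the local index and may contain highlight markup`. The new `({ title, date, context }, { query })` signature destructures the second argument unconditionally, so a call with a single argument now throws instead of rendering; `{ query } = {}` would keep it tolerant. The enclosing templates object starts and ends outside the hunk, and the same points apply to the `@@ -272,8 +278,14 @@` hunk in src/js/theme.js.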
${title}${date}
${context}
`,
- empty: ({ query }) => `
${searchConfig.noResultsFound}: "${query}"
`,
+ suggestion: ({ title, date, context }, { query }) => {
+ const safeQuery = this.util.escapeHTML(query);
+ return `
${title}${date}
${context}
`;
+ },
+ empty: ({ query }) => {
+ const safeQuery = this.util.escapeHTML(query);
+ return `
${searchConfig.noResultsFound}: "${safeQuery}"
`;
+ },
footer: ({}) => {
const { searchType, icon, href } = searchConfig.type === 'algolia' ? {
searchType: 'algolia',