Skip to content

Commit 793b622

Browse files
committed
AOS-100: Update docs regarding the query class and the need for handling sanitisation of the string for including in the template
1 parent b6afd22 commit 793b622

1 file changed

Lines changed: 3 additions & 4 deletions

File tree

docs/detailed-result-handling.md

Lines changed: 3 additions & 4 deletions
Original file line numberDiff line numberDiff line change
@@ -20,17 +20,16 @@ simple methods available that you can access anywhere.
2020
* `isSuccess()`: Simply states whether or not the search was a success, or error.
2121
* `getRecords()`: A `PaginatedList` of `Record` objects that were returned by the search service based on your `Query`.
2222
* `getFacets`: An `ArrayList` of `Facet` objects that were returned by the search service based on your `Query`.
23-
* `getQuery`": The `Query` object
2423

2524
The `Results` class is also a `ViewableData` object, so these methods can be access in your template with `$isSuccess`,
26-
`$Records`, `$Facets`, and `$Query`.
25+
`$Records`, and `$Facets`.
2726

2827
## `Query` class
2928
The `Query` class provides the original query that was used for matching results. This is available should you wish
3029
to include `Showing results for "test"` or similar text on your results page.
3130

32-
**Important:** When including `$Query` in the template it should be noted that this assumes the query string is
33-
safe and that the implementation has sanitised the user input to mitigate against cross-site scripting (xss) attacks.
31+
**Important:** When including `$Query` in the template it should be noted that this could contain raw user input
32+
and you may need to handle sanitisation of this value to mitigate against cross-site scripting (xss) attacks.
3433

3534
## `Record` class
3635

0 commit comments

Comments
 (0)