cf739b3
better patch for the XSS search issue Since the query string could be output when displaying the results too