From 38f4e8bf1a5831c19972172524d270548f3e190f Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Lukas=20L=C3=B6sche?= <lukas@some.engineering>
Date: Thu, 25 Jul 2024 16:21:16 +0200
Subject: [PATCH] Escape single quotes

---
 search/search.go | 8 +++++++-
 1 file changed, 7 insertions(+), 1 deletion(-)

diff --git a/search/search.go b/search/search.go
index 6a6b9a0..c7ee6e0 100644
--- a/search/search.go
+++ b/search/search.go
@@ -8,6 +8,7 @@ import (
 	"fmt"
 	"io"
 	"net/http"
+	"strings"
 
 	"github.com/sirupsen/logrus"
 )
@@ -17,6 +18,10 @@ type SearchRequest struct {
 	WithEdges bool   `json:"with_edges"`
 }
 
+func escapeSingleQuotes(s string) string {
+	return strings.ReplaceAll(s, "'", "'\\''")
+}
+
 func SearchGraph(apiEndpoint, fixJWT, workspaceID, searchStr string, withEdges bool) (<-chan interface{}, <-chan error) {
 	results := make(chan interface{})
 	errs := make(chan error, 1)
@@ -49,7 +54,8 @@ func SearchGraph(apiEndpoint, fixJWT, workspaceID, searchStr string, withEdges b
 			Secure:   true,
 		})
 
-		curlCommand := fmt.Sprintf("curl -X POST -H 'Content-Type: application/json' -H 'Accept: application/ndjson' -H 'Cookie: session_token=%s' -d '%s' %s", fixJWT, string(requestBody), url)
+		escapedRequestBody := escapeSingleQuotes(string(requestBody))
+		curlCommand := fmt.Sprintf("curl -X POST -H 'Content-Type: application/json' -H 'Accept: application/ndjson' -H 'Cookie: session_token=%s' -d '%s' %s", fixJWT, escapedRequestBody, url)
 		logrus.Debugln("Equivalent curl command:", curlCommand)
 
 		client := &http.Client{}