From 0cd9a2446413e9050c24ccd409bc8f97ad18076a Mon Sep 17 00:00:00 2001
From: Alan Pearce
Date: Sun, 23 Mar 2025 22:59:05 +0100
Subject: fix: block single-character queries
---
 internal/components/search.go | 1 +
 internal/server/mux.go | 6 ++++++
 2 files changed, 7 insertions(+)
diff --git a/internal/components/search.go b/internal/components/search.go
index ae44476..3c28597 100644
--- a/internal/components/search.go
+++ b/internal/components/search.go
@@ -19,6 +19,7 @@ func SearchForm(tdata TemplateData, r ResultData) g.Node {
 Input(
 ID("query"),
 Aria("labelledby", "legend"),
+ MinLength("2"),
 Name("query"),
 Type("search"),
 Value(r.Query),
diff --git a/internal/server/mux.go b/internal/server/mux.go
index 151fb96..968b37c 100644
--- a/internal/server/mux.go
+++ b/internal/server/mux.go
@@ -96,6 +96,12 @@ func NewMux(
 if r.URL.Query().Has("query") {
 qs := r.URL.Query().Get("query")
+ if len(qs) < 2 {
+ errorHandler(w, r, "Query too short", http.StatusBadRequest)
+
+ return
+ }
+
 var pageSize int = search.DefaultPageSize
 var pageNumber = 1
 if pg := r.URL.Query().Get("page"); pg != "" {
--
cgit 1.4.1
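Review bot: The new guard `len(qs) < 2` in mux.go counts bytes rather than characters, so a single non-ASCII character (two or more bytes in UTF-8) or a one-character query padded with whitespace still passes and presumably reaches the search code below. If the intent is to reject every one-character query, count runes on the trimmed value, e.g. `if utf8.RuneCountInString(strings.TrimSpace(qs)) < 2 {`; this needs `unicode/utf8` and `strings` in the import block, which is outside the hunk. The `MinLength("2")` attribute added in search.go is only enforced by the browser, so this server-side check is the one that has to be exact. NewMux starts and ends outside the hunk.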