Correct stripping of non BasicLatin characters

lib/search.rb

@@ -100,7 +100,8 @@ module Search
   def self.query(term, type_filter=nil)
 
     return nil if term.blank?
-    sanitized_term = PG::Connection.escape_string(term) #term.gsub(/[^0-9a-zA-Z_ ]/, '')
+    sanitized_term = PG::Connection.escape_string(term.gsub(/[:()&!]/,'')) # Instead of original term.gsub(/[^0-9a-zA-Z_ ]/, '')
+    # We are stripping only symbols taking place in FTS and simply sanitizing the rest.
 
     # really short terms are totally pointless
     return nil if sanitized_term.blank? || sanitized_term.length < self.min_search_term_length

spec/components/search_spec.rb

@@ -1,3 +1,5 @@
+# encoding: utf-8
+
 require 'spec_helper'
 require 'search'
 
@@ -70,8 +72,7 @@ describe Search do
   end
 
   it 'escapes non alphanumeric characters' do
-    ActiveRecord::Base.expects(:exec_sql).never
-    Search.query(':!$').should be_blank
+    Search.query(':!$);}]>@\#\"\'').should be_blank # There are at least three levels of sanitation for Search.query!
   end
 
   it 'works when given two terms with spaces' do
@@ -123,6 +124,20 @@ describe Search do
 
   end
 
+  context 'cyrillic topic' do
+    let!(:cyrillic_topic) { Fabricate(:topic) do
+                                                user
+                                                title { sequence(:title) { |i| "Тестовая запись #{i}" } }
+                                              end
+    }
+    let!(:post) {Fabricate(:post, topic: cyrillic_topic, user: cyrillic_topic.user)}
+    let(:result) { first_of_type(Search.query('запись'), 'topic') }
+
+    it 'finds something when given cyrillic query' do
+      result.should be_present
+    end
+  end
+
   context 'categories' do
 
     let!(:category) { Fabricate(:category) }