I have a search feature that is implemented with the AJAX toolkit to use SOSL.
var results = sforce.connection.search("FIND {" + sanitize(...) + "} IN NAME FIELDS RETURNING ...");
The sanitize(...)
function escapes SOSL-reserved characters (below) according to the documentation by inserting backslashes so that they are interpreted by SOSL as literal characters.
? & | ! { } [ ] ( ) ^ ~ * : \ " ' + -
Because the documentation instructs to escape the above special characters, the user now loses the ability to use the *
and ?
wildcards (e.g., if the user enters amer*
, the sanitize
would convert it to amer\*
)
This now brings me to a few questions,
- Should the
*
and?
wildcards be exposed to the user, ie. unescaped? - How can the implementation distinguish if the user intends to use a literal asterisk from a wildcard search?
Best Answer
From the SOSL Wildcards documentation:
So I'd say it is expected that you only escape the
*
if you want the literal value.It would probably be easiest to let the users escape the * character if required. Of have a "With Wildcards" option next to the search input to toggle if you do full escaping or not.