Gracefully handle invalid queries

core/lib/opensearch.py

@@ -1,5 +1,6 @@
 from django.conf import settings
 from opensearchpy import OpenSearch
+from opensearchpy.exceptions import RequestError
 
 
 def initialise_opensearch():
@@ -91,7 +92,10 @@ def run_main_query(client, user, query, fields=None, size=None):
             return False
     search_query = construct_query(query, fields, size)
     # fmt: off
+    try:
         response = client.search(body=search_query,
                                  index=settings.OPENSEARCH_INDEX_MAIN)
+    except RequestError:
+        return False
     filter_blacklisted(user, response)
     return response

core/views/dynamic/search.py

@@ -2,7 +2,7 @@ import json
 
 from django.conf import settings
 from django.contrib.auth.mixins import LoginRequiredMixin
-from django.http import HttpResponse, JsonResponse
+from django.http import HttpResponse, HttpResponseForbidden, JsonResponse
 from django.shortcuts import render
 from django.views import View
 
@@ -72,9 +72,11 @@ class Search(LoginRequiredMixin, View):
 
     def post(self, request):
         if not request.user.has_plan(self.plan_name):
-            return render(request, "denied.html")
+            return HttpResponseForbidden()
 
         context = query_results(request, request.POST)
+        if not context:
+            return HttpResponseForbidden()
         context["data"] = json.dumps(
             [
                 {