Some vulnerability scanners try to find security issues in all webforms
and submit invalid null byte into the search from. This is cleaned out
by django and leads to 'q' not being set which gives a 500 error. Check
if the 'q' key exists in the cleaned_data if not return an empty list.

Signed-off-by: Jelle van der Waa <jelle@vdwaa.nl>