To allow secure usage of query and search the parameters are
no longer parsed as value but instead of positional arguments.

This allows us to register "kleoptra --query -- $1" as an
URL handler for openpgp4fpr: without the risk of command
line injection through an unsescaped query string.

Similarly the double dash should be used for file handling
to avoid command line injection through filenames.