You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@lucene.apache.org by yo...@apache.org on 2018/04/12 04:28:22 UTC
lucene-solr:branch_7x: SOLR-12190: properly escape output in
GraphMLResponseWriter
Repository: lucene-solr
Updated Branches:
refs/heads/branch_7x ba26bf7c6 -> c7548f9d1
SOLR-12190: properly escape output in GraphMLResponseWriter
Project: http://git-wip-us.apache.org/repos/asf/lucene-solr/repo
Commit: http://git-wip-us.apache.org/repos/asf/lucene-solr/commit/c7548f9d
Tree: http://git-wip-us.apache.org/repos/asf/lucene-solr/tree/c7548f9d
Diff: http://git-wip-us.apache.org/repos/asf/lucene-solr/diff/c7548f9d
Branch: refs/heads/branch_7x
Commit: c7548f9d1bec658e8caade2348bceb365568647e
Parents: ba26bf7
Author: yonik <yo...@apache.org>
Authored: Wed Apr 11 22:57:34 2018 -0400
Committer: yonik <yo...@apache.org>
Committed: Thu Apr 12 00:22:40 2018 -0400
----------------------------------------------------------------------
solr/CHANGES.txt | 3 +++
.../apache/solr/response/GraphMLResponseWriter.java | 14 +++++++-------
2 files changed, 10 insertions(+), 7 deletions(-)
----------------------------------------------------------------------
http://git-wip-us.apache.org/repos/asf/lucene-solr/blob/c7548f9d/solr/CHANGES.txt
----------------------------------------------------------------------
diff --git a/solr/CHANGES.txt b/solr/CHANGES.txt
index 0acd2f3..90b720b 100644
--- a/solr/CHANGES.txt
+++ b/solr/CHANGES.txt
@@ -119,6 +119,9 @@ Bug Fixes
* SOLR-12201: TestReplicationHandler.doTestIndexFetchOnMasterRestart(): handle unexpected replication failures
(Steve Rowe)
+
+* SOLR-12190: Need to properly escape output in GraphMLResponseWriter. (yonik)
+
Optimizations
----------------------
http://git-wip-us.apache.org/repos/asf/lucene-solr/blob/c7548f9d/solr/core/src/java/org/apache/solr/response/GraphMLResponseWriter.java
----------------------------------------------------------------------
diff --git a/solr/core/src/java/org/apache/solr/response/GraphMLResponseWriter.java b/solr/core/src/java/org/apache/solr/response/GraphMLResponseWriter.java
index 7f2fac2..c41e2a2 100644
--- a/solr/core/src/java/org/apache/solr/response/GraphMLResponseWriter.java
+++ b/solr/core/src/java/org/apache/solr/response/GraphMLResponseWriter.java
@@ -97,7 +97,7 @@ public class GraphMLResponseWriter implements QueryResponseWriter {
id = tuple.getString("collection") + "." + id;
}
- writer.write("<node id=\""+replace(id)+"\"");
+ printWriter.write("<node id=\""+ xmlEscape(id)+"\"");
List<String> outfields = new ArrayList();
Iterator<String> keys = tuple.fields.keySet().iterator();
@@ -115,7 +115,7 @@ public class GraphMLResponseWriter implements QueryResponseWriter {
for (String nodeAttribute : outfields) {
Object o = tuple.get(nodeAttribute);
if (o != null) {
- printWriter.println("<data key=\""+nodeAttribute+"\">" + o.toString() + "</data>");
+ printWriter.println("<data key=\"" + xmlEscape(nodeAttribute) + "\">" + xmlEscape(o.toString()) + "</data>");
}
}
printWriter.println("</node>");
@@ -128,20 +128,20 @@ public class GraphMLResponseWriter implements QueryResponseWriter {
if(ancestors != null) {
for (String ancestor : ancestors) {
++edgeCount;
- writer.write("<edge id=\"" + edgeCount + "\" ");
- writer.write(" source=\"" + replace(ancestor) + "\" ");
- printWriter.println(" target=\"" + replace(id) + "\"/>");
+ printWriter.write("<edge id=\"" + edgeCount + "\" ");
+ printWriter.write(" source=\"" + xmlEscape(ancestor) + "\" ");
+ printWriter.println(" target=\"" + xmlEscape(id) + "\"/>");
}
}
}
- writer.write("</graph></graphml>");
+ printWriter.write("</graph></graphml>");
} finally {
stream.close();
}
}
- private String replace(String s) {
+ private String xmlEscape(String s) {
if(s.indexOf(">") > -1) {
s = s.replace(">", ">");
}