You are viewing a plain text version of this content. The canonical link for it is here.

Posted to dev@lucene.apache.org by "Stefan Matheis (steffkes) (JIRA)" <ji...@apache.org> on 2014/05/21 10:07:38 UTC

[jira] [Resolved] (SOLR-6098) SOLR console displaying JSON does not escape text properly

     [ https://issues.apache.org/jira/browse/SOLR-6098?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]

Stefan Matheis (steffkes) resolved SOLR-6098.
---------------------------------------------

       Resolution: Duplicate
    Fix Version/s: 4.5
         Assignee: Stefan Matheis (steffkes)

> SOLR console displaying JSON does not escape text properly
> ----------------------------------------------------------
>
>                 Key: SOLR-6098
>                 URL: https://issues.apache.org/jira/browse/SOLR-6098
>             Project: Solr
>          Issue Type: Bug
>          Components: web gui
>    Affects Versions: 4.4
>            Reporter: Kingston Duffie
>            Assignee: Stefan Matheis (steffkes)
>            Priority: Minor
>             Fix For: 4.5
>
>
> In the SOLR admin web console, when displaying JSON response for Query, the text is not being HTML escaped, so any text that happens to match HTML markup is being processed as HTML. 
> For example, enter "<strike>hello</strike>" in the "q" textbox and the responseHeader will contain:
> "q": "body:hello" where the "hello" portion is shown using strikeout.  
> This seems benign, but can be extremely confusing when viewing results, because if your fields happen to contain, for example, <fo...@bar.com>, this will be completely missing (because the browser treats this as an invalid tag).



--
This message was sent by Atlassian JIRA
(v6.2#6252)

---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@lucene.apache.org
For additional commands, e-mail: dev-help@lucene.apache.org