You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@lucene.apache.org by ab...@apache.org on 2018/04/16 17:20:44 UTC
[04/46] lucene-solr:jira/solr-11833: SOLR-12190: properly escape
output in GraphMLResponseWriter
SOLR-12190: properly escape output in GraphMLResponseWriter
Project: http://git-wip-us.apache.org/repos/asf/lucene-solr/repo
Commit: http://git-wip-us.apache.org/repos/asf/lucene-solr/commit/8d20fc57
Tree: http://git-wip-us.apache.org/repos/asf/lucene-solr/tree/8d20fc57
Diff: http://git-wip-us.apache.org/repos/asf/lucene-solr/diff/8d20fc57
Branch: refs/heads/jira/solr-11833
Commit: 8d20fc575bab2c4d0353bb34c6dc66566290f094
Parents: 8927d46
Author: yonik <yo...@apache.org>
Authored: Wed Apr 11 22:57:34 2018 -0400
Committer: yonik <yo...@apache.org>
Committed: Wed Apr 11 23:00:03 2018 -0400
----------------------------------------------------------------------
solr/CHANGES.txt | 3 +++
.../apache/solr/response/GraphMLResponseWriter.java | 14 +++++++-------
2 files changed, 10 insertions(+), 7 deletions(-)
----------------------------------------------------------------------
http://git-wip-us.apache.org/repos/asf/lucene-solr/blob/8d20fc57/solr/CHANGES.txt
----------------------------------------------------------------------
diff --git a/solr/CHANGES.txt b/solr/CHANGES.txt
index c07c1f7..360d663 100644
--- a/solr/CHANGES.txt
+++ b/solr/CHANGES.txt
@@ -139,6 +139,9 @@ Bug Fixes
* SOLR-12201: TestReplicationHandler.doTestIndexFetchOnMasterRestart(): handle unexpected replication failures
(Steve Rowe)
+
+* SOLR-12190: Need to properly escape output in GraphMLResponseWriter. (yonik)
+
Optimizations
----------------------
http://git-wip-us.apache.org/repos/asf/lucene-solr/blob/8d20fc57/solr/core/src/java/org/apache/solr/response/GraphMLResponseWriter.java
----------------------------------------------------------------------
diff --git a/solr/core/src/java/org/apache/solr/response/GraphMLResponseWriter.java b/solr/core/src/java/org/apache/solr/response/GraphMLResponseWriter.java
index 7f2fac2..c41e2a2 100644
--- a/solr/core/src/java/org/apache/solr/response/GraphMLResponseWriter.java
+++ b/solr/core/src/java/org/apache/solr/response/GraphMLResponseWriter.java
@@ -97,7 +97,7 @@ public class GraphMLResponseWriter implements QueryResponseWriter {
id = tuple.getString("collection") + "." + id;
}
- writer.write("<node id=\""+replace(id)+"\"");
+ printWriter.write("<node id=\""+ xmlEscape(id)+"\"");
List<String> outfields = new ArrayList();
Iterator<String> keys = tuple.fields.keySet().iterator();
@@ -115,7 +115,7 @@ public class GraphMLResponseWriter implements QueryResponseWriter {
for (String nodeAttribute : outfields) {
Object o = tuple.get(nodeAttribute);
if (o != null) {
- printWriter.println("<data key=\""+nodeAttribute+"\">" + o.toString() + "</data>");
+ printWriter.println("<data key=\"" + xmlEscape(nodeAttribute) + "\">" + xmlEscape(o.toString()) + "</data>");
}
}
printWriter.println("</node>");
@@ -128,20 +128,20 @@ public class GraphMLResponseWriter implements QueryResponseWriter {
if(ancestors != null) {
for (String ancestor : ancestors) {
++edgeCount;
- writer.write("<edge id=\"" + edgeCount + "\" ");
- writer.write(" source=\"" + replace(ancestor) + "\" ");
- printWriter.println(" target=\"" + replace(id) + "\"/>");
+ printWriter.write("<edge id=\"" + edgeCount + "\" ");
+ printWriter.write(" source=\"" + xmlEscape(ancestor) + "\" ");
+ printWriter.println(" target=\"" + xmlEscape(id) + "\"/>");
}
}
}
- writer.write("</graph></graphml>");
+ printWriter.write("</graph></graphml>");
} finally {
stream.close();
}
}
- private String replace(String s) {
+ private String xmlEscape(String s) {
if(s.indexOf(">") > -1) {
s = s.replace(">", ">");
}