You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@lucene.apache.org by up...@apache.org on 2015/08/16 21:41:29 UTC
svn commit: r1696162 - in /lucene/dev/branches/branch_5x: ./ solr/
solr/webapp/ solr/webapp/web/js/scripts/schema-browser.js
Author: upayavira
Date: Sun Aug 16 19:41:29 2015
New Revision: 1696162
URL: http://svn.apache.org/r1696162
Log:
SOLR-7920 XSS issue in old schema-browser page
Modified:
lucene/dev/branches/branch_5x/ (props changed)
lucene/dev/branches/branch_5x/solr/ (props changed)
lucene/dev/branches/branch_5x/solr/webapp/ (props changed)
lucene/dev/branches/branch_5x/solr/webapp/web/js/scripts/schema-browser.js
Modified: lucene/dev/branches/branch_5x/solr/webapp/web/js/scripts/schema-browser.js
URL: http://svn.apache.org/viewvc/lucene/dev/branches/branch_5x/solr/webapp/web/js/scripts/schema-browser.js?rev=1696162&r1=1696161&r2=1696162&view=diff
==============================================================================
--- lucene/dev/branches/branch_5x/solr/webapp/web/js/scripts/schema-browser.js (original)
+++ lucene/dev/branches/branch_5x/solr/webapp/web/js/scripts/schema-browser.js Sun Aug 16 19:41:29 2015
@@ -273,7 +273,7 @@ sammy.bind
'types' : []
}
- $( 'option[value="' + params.route_params.path + '"]', related_select_element )
+ $( 'option[value="' + params.route_params.path.esc() + '"]', related_select_element )
.attr( 'selected', 'selected' );
related_select_element