Uploaded image for project: 'Solr'
  1. Solr
  2. SOLR-6098

SOLR console displaying JSON does not escape text properly

Attach filesAttach ScreenshotVotersWatch issueWatchersCreate sub-taskLinkCloneUpdate Comment AuthorReplace String in CommentUpdate Comment VisibilityDelete Comments
    XMLWordPrintableJSON

    Details

    • Type: Bug
    • Status: Resolved
    • Priority: Minor
    • Resolution: Duplicate
    • Affects Version/s: 4.4
    • Fix Version/s: 4.5
    • Component/s: Admin UI
    • Labels:
      None

      Description

      In the SOLR admin web console, when displaying JSON response for Query, the text is not being HTML escaped, so any text that happens to match HTML markup is being processed as HTML.

      For example, enter "<strike>hello</strike>" in the "q" textbox and the responseHeader will contain:

      "q": "body:hello" where the "hello" portion is shown using strikeout.

      This seems benign, but can be extremely confusing when viewing results, because if your fields happen to contain, for example, <foo@bar.com>, this will be completely missing (because the browser treats this as an invalid tag).

        Attachments

        Issue Links

          Activity

            People

            • Assignee:
              steffkes Stefan Matheis
              Reporter:
              kduffie Kingston Duffie

              Dates

              • Created:
                Updated:
                Resolved:

                Issue deployment