Uploaded image for project: 'Solr'
  1. Solr
  2. SOLR-6098

SOLR console displaying JSON does not escape text properly

    XMLWordPrintableJSON

    Details

    • Type: Bug
    • Status: Resolved
    • Priority: Minor
    • Resolution: Duplicate
    • Affects Version/s: 4.4
    • Fix Version/s: 4.5
    • Component/s: Admin UI
    • Labels:
      None

      Description

      In the SOLR admin web console, when displaying JSON response for Query, the text is not being HTML escaped, so any text that happens to match HTML markup is being processed as HTML.

      For example, enter "<strike>hello</strike>" in the "q" textbox and the responseHeader will contain:

      "q": "body:hello" where the "hello" portion is shown using strikeout.

      This seems benign, but can be extremely confusing when viewing results, because if your fields happen to contain, for example, <foo@bar.com>, this will be completely missing (because the browser treats this as an invalid tag).

        Attachments

          Issue Links

            Activity

              People

              • Assignee:
                steffkes Stefan Matheis
                Reporter:
                kduffie Kingston Duffie
              • Votes:
                0 Vote for this issue
                Watchers:
                3 Start watching this issue

                Dates

                • Created:
                  Updated:
                  Resolved: