Kingston Duffie created SOLR-6098:
-------------------------------------
Summary: SOLR console displaying JSON does not escape text properly
Key: SOLR-6098
URL: https://issues.apache.org/jira/browse/SOLR-6098
Project: Solr
Issue Type: Bug
Reporter: Kingston Duffie
Priority: Minor
In the SOLR admin web console, when displaying JSON response for Query, the
text is not being HTML escaped, so any text that happens to match HTML markup
is being processed as HTML.
For example, enter "<strike>hello</strike>" in the "q" textbox and the
responseHeader will contain:
"q": "body:hello" where the "hello" portion is shown using strikeout.
This seems benign, but can be extremely confusing when viewing results, because
if your fields happen to contain, for example, <[email protected]>, this will be
completely missing (because the browser treats this as an invalid tag).
--
This message was sent by Atlassian JIRA
(v6.2#6252)
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
