David Smiley created SOLR-10943:
-----------------------------------
Summary: SolrJ ClientUtils.escapeQueryChars should escape '$' to
avoid Solr macro expansion
Key: SOLR-10943
URL: https://issues.apache.org/jira/browse/SOLR-10943
Project: Solr
Issue Type: Bug
Security Level: Public (Default Security Level. Issues are Public)
Components: SolrJ
Affects Versions: 5.1
Reporter: David Smiley
Since Solr 5.1, parameters containing
{noformat}
foo${bar}baz
{noformat} syntax will have parameter substitution performed, and will lead to
an error if the parameter fails to resolve. ClientUtils.escapeQueryChars
should escape the dollar sign. Heck, perhaps it should simply escape any char
that isn't a letter, digit, or whitespace?
I think this would be good but it admittedly isn't a cure-all for unanticipated
macro expansions. For example if a client app sends 'q' to be processed by
edismax, then ClientUtils.escapeQueryChars shouldn't be used (user may want
quoting, for example; this shouldn't be escaped).
--
This message was sent by Atlassian JIRA
(v6.4.14#64029)
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
