[ 
https://issues.apache.org/jira/browse/SOLR-1594?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=12781504#action_12781504
 ] 

Yonik Seeley commented on SOLR-1594:
------------------------------------

OK....
{code}
curl 'http://localhost:8983/solr/select/?q=title:"<script>alert("xss")</script>'
<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=ISO-8859-1"/>
<title>Error 400 </title>
</head>
<body><h2>HTTP ERROR: 
400</h2><pre>org.apache.lucene.queryParser.ParseException: Cannot parse 
'title:"&lt;script&gt;alert("xss")&lt;/script&gt;': Lexical error at line 1, 
column 37.  Encountered: &lt;EOF&gt; after : "\")&lt;/script&gt;"</pre>
<p>RequestURI=/solr/select/</p><p><i><small><a 
href="http://jetty.mortbay.org/">Powered by Jetty://</a></small></i></p><br/>   
                                             
<br/>                                                
<br/>                                                
<br/>                                                
<br/>                                                
<br/>                                                
<br/>                                                
<br/>                                                
<br/>                                                
<br/>                                                
<br/>                                                
<br/>                                                
<br/>                                                
<br/>                                                
<br/>                                                
<br/>                                                
<br/>                                                
<br/>                                                
<br/>                                                
<br/>                                                

</body>
</html>
{code}

From the browser, it displays:
{code}
HTTP ERROR: 400

org.apache.lucene.queryParser.ParseException: Cannot parse 
'title:"<script>alert("xss")</script>': Lexical error at line 1, column 37.  
Encountered: <EOF> after : "\")</script>"

RequestURI=/solr/select/

Powered by Jetty://
{code}

> SolrDispatchFilter needs to sanitize exception message
> ------------------------------------------------------
>
>                 Key: SOLR-1594
>                 URL: https://issues.apache.org/jira/browse/SOLR-1594
>             Project: Solr
>          Issue Type: Bug
>    Affects Versions: 1.4
>            Reporter: Bill Au
>            Assignee: Bill Au
>             Fix For: 1.5
>
>         Attachments: solr-1594.patch
>
>
> SolrDispatchFilter needs to sanitize exception messages before using them in 
> the response.  I will attach a patch shortly.
