lucene-solr-dev mailing list archives

From "Bill Au (JIRA)" <j...@apache.org>
Subject [jira] Commented: (SOLR-1594) SolrDispatchFilter needs to sanitize exception message
Date Mon, 23 Nov 2009 18:33:39 GMT

    [ https://issues.apache.org/jira/browse/SOLR-1594?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=12781522#action_12781522 ]

Bill Au commented on SOLR-1594:
-------------------------------

I just tried it and Jetty does double-escape:

org.apache.lucene.queryParser.ParseException: Cannot parse '"&amp;lt;script&amp;gt;alert("xss")&amp;lt;/script&amp;gt;':
Lexical error at line 1, column 31.  Encountered: &amp;lt;EOF&amp;gt; after : "\")&amp;lt;/script&amp;gt;"

So should we leave it up to the appserver to do the right thing, or should Solr be more proactive? To me, double-escaping is a lesser evil than being vulnerable to an XSS attack.

> SolrDispatchFilter needs to sanitize exception message
> ------------------------------------------------------
>
>                 Key: SOLR-1594
>                 URL: https://issues.apache.org/jira/browse/SOLR-1594
>             Project: Solr
>          Issue Type: Bug
>    Affects Versions: 1.4
>            Reporter: Bill Au
>            Assignee: Bill Au
>             Fix For: 1.5
>
>         Attachments: solr-1594.patch
>
>
> SolrDispatchFilter needs to sanitize exception messages before using them in the response. I will attach a patch shortly.

-- 
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
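The comment above is about one thing: an exception message that echoes the user's query must be HTML-escaped before it is written into the response, and a container that escapes the same text a second time turns `&lt;` into `&amp;lt;`. The following is an added illustration of both points, written for this archive page; it is not the solr-1594.patch attachment and not Solr's SolrDispatchFilter code. The class name, the `errorBody` layout and the parse-error message are constructed for the example, and the "second pass" simply calls the same escaper again to stand in for the double-escaping Bill observed in Jetty.

```java
/**
 * Added example (not Solr's code): escape an exception message once before it
 * is placed in an HTML response, and show what a second escaping pass does.
 */
public final class ExceptionMessageSanitizer {
    private ExceptionMessageSanitizer() {}

    /** Replace the characters that can break out of an HTML text context. */
    public static String escapeHtml(String s) {
        if (s == null) {
            return "";
        }
        StringBuilder sb = new StringBuilder(s.length() + 16);
        for (int i = 0; i < s.length(); i++) {
            char c = s.charAt(i);
            switch (c) {
                case '&':  sb.append("&amp;");  break;
                case '<':  sb.append("&lt;");   break;
                case '>':  sb.append("&gt;");   break;
                case '"':  sb.append("&quot;"); break;
                case '\'': sb.append("&#39;");  break;
                default:   sb.append(c);
            }
        }
        return sb.toString();
    }

    /**
     * Body sent back for a failed request (constructed layout). The message is
     * escaped exactly once here, so a raw "<script" can never reach the page.
     */
    public static String errorBody(Throwable t) {
        return "<html><body><h2>HTTP ERROR 400</h2><pre>"
                + escapeHtml(t.getMessage())
                + "</pre></body></html>";
    }

    /** True if the text still contains an unescaped tag opener. */
    public static boolean containsRawTag(String html) {
        return html.indexOf('<') >= 0 && html.toLowerCase().contains("<script");
    }

    public static void main(String[] args) {
        // Constructed input mirroring the comment: a query carrying a script tag
        // that the query parser rejects and then echoes back in its message.
        RuntimeException parseError =
                new RuntimeException("Cannot parse '\"<script>alert(\"xss\")</script>'");

        String once = escapeHtml(parseError.getMessage());
        System.out.println("escaped once : " + once);
        System.out.println("raw tag left : " + containsRawTag(once));

        // A container that escapes the already-escaped text again converts the
        // '&' from the first pass, producing the &amp;lt; ... &amp;gt; form seen above.
        String twice = escapeHtml(once);
        System.out.println("escaped twice: " + twice);

        System.out.println(errorBody(parseError));
    }
}
```

Running `main` prints the message with `&lt;script&gt;` after one pass and `&amp;lt;script&amp;gt;` after two: ugly, but still inert in the browser, which is the trade-off the comment describes. Escaping in the application layer means the protection does not depend on which servlet container Solr happens to be deployed in.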

