SOLR-1031: Fix XSS vulnerability in schema.jsp

git-svn-id: https://svn.apache.org/repos/asf/lucene/solr/trunk@746481 13f79535-47bb-0310-9956-ffa450edef68

CHANGES.txt

@@ -267,6 +267,10 @@ Bug Fixes
 32. SOLR-1018: Slave is unable to replicate when server acts as repeater (as both master and slave)
     (Akshay Ukey, Noble Paul via shalin)
 
+33. SOLR-1026: Add protected words support to SnowballPorterFilterFactory (ehatcher)
+
+34. SOLR-1031: Fix XSS vulnerability in schema.jsp (Paul Lovvik via ehatcher)
+
 
 Other Changes
 ----------------------

src/webapp/web/admin/schema.jsp

@@ -490,14 +490,10 @@
         
         var numTerms = 0;
         $.each(topTerms, function(term, count) {
-          var row = document.createElement('tr');
-          var c1 = document.createElement('td');
-          c1.innerHTML=term;
-          var c2 = document.createElement('td');
-          c2.innerHTML=count;
-          row.appendChild(c1);
-          row.appendChild(c2);
-          tbody.appendChild(row);
+          var c1 = $('<td>').text(term);
+          var c2 = $('<td>').text(count);
+          var row = $('<tr>').append(c1).append(c2);
+          tbody.appendChild(row.get(0));
           numTerms++;
         });
         tbl.appendChild(tbody);