Apache
/
lucene
mirror of https://github.com/apache/lucene.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

SOLR-7949: Resolve XSS issue in Admin UI stats page 

git-svn-id: https://svn.apache.org/repos/asf/lucene/dev/trunk@1696782 13f79535-47bb-0310-9956-ffa450edef68
This commit is contained in:
Jan Høydahl 2015-08-20 12:54:07 +00:00
parent 98f8e9fe2e
commit fd33cfdc03
2 changed files with 3 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
solr/CHANGES.txt
View File

@ -144,6 +144,8 @@ Bug Fixes
* SOLR-7941: multivalued params are concatenated when using config API (noble) * SOLR-7941: multivalued params are concatenated when using config API (noble)
* SOLR-7949: Resolve XSS issue in Admin UI stats page (David Chiu via janhoy)
Optimizations Optimizations
---------------------- ----------------------

2
solr/webapp/web/js/scripts/plugins.js
View File

@ -282,7 +282,7 @@ var render_plugin_data = function( plugin_data, plugin_sort, types )
var entry_count = entries.length; var entry_count = entries.length;
for( var i = 0; i < entry_count; i++ ) for( var i = 0; i < entry_count; i++ )
{ {
$( 'a[data-bean="' + entries[i] + '"]', frame_element ) $( 'a[data-bean="' + entries[i].esc() + '"]', frame_element )
.parent().addClass( 'expanded' ); .parent().addClass( 'expanded' );
} }