[ https://issues.apache.org/jira/browse/SOLR-10943?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16060917#comment-16060917 ]
Yonik Seeley commented on SOLR-10943: ------------------------------------- bq. and will lead to an error if the parameter fails to resolve It actually works like shell in that respect: {code} ~$ echo "foo${bar}baz" foobaz {code} > SolrJ ClientUtils.escapeQueryChars should escape '$' to avoid Solr macro > expansion > ---------------------------------------------------------------------------------- > > Key: SOLR-10943 > URL: https://issues.apache.org/jira/browse/SOLR-10943 > Project: Solr > Issue Type: Bug > Security Level: Public(Default Security Level. Issues are Public) > Components: SolrJ > Affects Versions: 5.1 > Reporter: David Smiley > > Since Solr 5.1, parameters containing > {noformat} > foo${bar}baz > {noformat} syntax will have parameter substitution performed, and will lead > to an error if the parameter fails to resolve. ClientUtils.escapeQueryChars > should escape the dollar sign. Heck, perhaps it should simply escape any > char that isn't a letter, digit, or whitespace? > I think this would be good but it admittedly isn't a cure-all for > unanticipated macro expansions. For example if a client app sends 'q' to be > processed by edismax, then ClientUtils.escapeQueryChars shouldn't be used > (user may want quoting, for example; this shouldn't be escaped). -- This message was sent by Atlassian JIRA (v6.4.14#64029) --------------------------------------------------------------------- To unsubscribe, e-mail: dev-unsubscr...@lucene.apache.org For additional commands, e-mail: dev-h...@lucene.apache.org