[ https://issues.apache.org/jira/browse/SOLR-1603?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=12806009#action_12806009 ]
Erik Hatcher commented on SOLR-1603: ------------------------------------ I'm aware of the risk of eval'ing untrusted strings, but I'm not sure how this could be a problem with a Solr response. Can someone provide an example of how a Solr response in any of these formats could be problematic security-wise? All strings are escaped, so code within a string value of a field would still eval only to a string, and would only execute if that string got eval'd. > Perl Response Writer > -------------------- > > Key: SOLR-1603 > URL: https://issues.apache.org/jira/browse/SOLR-1603 > Project: Solr > Issue Type: New Feature > Components: Response Writers > Reporter: Claudio Valente > Priority: Minor > Attachments: SOLR-1603.patch > > > I've made a patch that implements a Perl response writer for Solr. > It's nan/inf and unicode aware. > I don't know whether some fields can be binary but if so I can probably > extend it to support that. -- This message is automatically generated by JIRA. - You can reply to this email to add a comment to the issue online.