dovecot-2.2: fts-solr: Fixed escaping query parameters.
dovecot at dovecot.org
dovecot at dovecot.org
Fri Nov 27 13:24:54 UTC 2015
details: http://hg.dovecot.org/dovecot-2.2/rev/9d5c59d98857
changeset: 19428:9d5c59d98857
user: Timo Sirainen <tss at iki.fi>
date: Fri Nov 27 15:24:41 2015 +0200
description:
fts-solr: Fixed escaping query parameters.
Solr documentation says that "quoted string" would already work without
escaping, but that doesn't seem to be true (we were also missing the \"
escaping there). So we'll now escape all the special characters without
quotes around it, which seems to work. Also added '/' to list of special
characters, which is used by Solr 4.0.
diffstat:
src/plugins/fts-solr/fts-backend-solr-old.c | 24 ++++++++++++++++++------
src/plugins/fts-solr/fts-backend-solr.c | 24 ++++++++++++++++++------
2 files changed, 36 insertions(+), 12 deletions(-)
diffs (104 lines):
diff -r 574c1e5b3d90 -r 9d5c59d98857 src/plugins/fts-solr/fts-backend-solr-old.c
--- a/src/plugins/fts-solr/fts-backend-solr-old.c Fri Nov 27 14:57:03 2015 +0200
+++ b/src/plugins/fts-solr/fts-backend-solr-old.c Fri Nov 27 15:24:41 2015 +0200
@@ -42,6 +42,8 @@
bool documents_added;
};
+static const char *solr_escape_chars = "+-&|!(){}[]^\"~*?:\\/ ";
+
static bool is_valid_xml_char(unichar_t chr)
{
/* Valid characters in XML:
@@ -139,18 +141,28 @@
return str_c(tmp);
}
+static const char *solr_escape(const char *str)
+{
+ string_t *ret;
+ unsigned int i;
+
+ ret = t_str_new(strlen(str) + 16);
+ for (i = 0; str[i] != '\0'; i++) {
+ if (strchr(solr_escape_chars, str[i]) != NULL)
+ str_append_c(ret, '\\');
+ str_append_c(ret, str[i]);
+ }
+ return str_c(ret);
+}
+
static void solr_quote(string_t *dest, const char *str)
{
- str_append_c(dest, '"');
- str_append(dest, str_escape(str));
- str_append_c(dest, '"');
+ str_append(dest, solr_escape(str));
}
static void solr_quote_http(string_t *dest, const char *str)
{
- str_append(dest, "%22");
- http_url_escape_param(dest, str);
- str_append(dest, "%22");
+ http_url_escape_param(dest, solr_escape(str));
}
static void fts_solr_set_default_ns(struct solr_fts_backend *backend)
diff -r 574c1e5b3d90 -r 9d5c59d98857 src/plugins/fts-solr/fts-backend-solr.c
--- a/src/plugins/fts-solr/fts-backend-solr.c Fri Nov 27 14:57:03 2015 +0200
+++ b/src/plugins/fts-solr/fts-backend-solr.c Fri Nov 27 15:24:41 2015 +0200
@@ -63,6 +63,8 @@
unsigned int truncate_header:1;
};
+static const char *solr_escape_chars = "+-&|!(){}[]^\"~*?:\\/ ";
+
static bool is_valid_xml_char(unichar_t chr)
{
/* Valid characters in XML:
@@ -143,11 +145,23 @@
xml_encode_data(dest, (const unsigned char *)str, strlen(str));
}
+static const char *solr_escape(const char *str)
+{
+ string_t *ret;
+ unsigned int i;
+
+ ret = t_str_new(strlen(str) + 16);
+ for (i = 0; str[i] != '\0'; i++) {
+ if (strchr(solr_escape_chars, str[i]) != NULL)
+ str_append_c(ret, '\\');
+ str_append_c(ret, str[i]);
+ }
+ return str_c(ret);
+}
+
static void solr_quote_http(string_t *dest, const char *str)
{
- str_append(dest, "%22");
- http_url_escape_param(dest, str);
- str_append(dest, "%22");
+ http_url_escape_param(dest, solr_escape(str));
}
static struct fts_backend *fts_backend_solr_alloc(void)
@@ -623,8 +637,6 @@
static bool solr_need_escaping(const char *str)
{
- const char *solr_escape_chars = "+-&|!(){}[]^\"~*?:\\ ";
-
for (; *str != '\0'; str++) {
if (strchr(solr_escape_chars, *str) != NULL)
return TRUE;
@@ -640,7 +652,7 @@
if (!arg->fuzzy || solr_need_escaping(arg->value.str))
solr_quote_http(str, arg->value.str);
else {
- str_append(str, arg->value.str);
+ http_url_escape_param(str, arg->value.str);
str_append_c(str, '~');
}
}
More information about the dovecot-cvs
mailing list