Mercurial > dovecot > core-2.2
changeset 19428:9d5c59d98857
fts-solr: Fixed escaping query parameters.
Solr documentation says that "quoted string" would already work without
escaping, but that doesn't seem to be true (we were also missing the \"
escaping there). So we'll now escape all the special characters without
quotes around it, which seems to work. Also added '/' to list of special
characters, which is used by Solr 4.0.
author | Timo Sirainen <tss@iki.fi> |
---|---|
date | Fri, 27 Nov 2015 15:24:41 +0200 |
parents | 574c1e5b3d90 |
children | 695391a09045 |
files | src/plugins/fts-solr/fts-backend-solr-old.c src/plugins/fts-solr/fts-backend-solr.c |
diffstat | 2 files changed, 36 insertions(+), 12 deletions(-) [+] |
line wrap: on
line diff
--- a/src/plugins/fts-solr/fts-backend-solr-old.c Fri Nov 27 14:57:03 2015 +0200 +++ b/src/plugins/fts-solr/fts-backend-solr-old.c Fri Nov 27 15:24:41 2015 +0200 @@ -42,6 +42,8 @@ bool documents_added; }; +static const char *solr_escape_chars = "+-&|!(){}[]^\"~*?:\\/ "; + static bool is_valid_xml_char(unichar_t chr) { /* Valid characters in XML: @@ -139,18 +141,28 @@ return str_c(tmp); } +static const char *solr_escape(const char *str) +{ + string_t *ret; + unsigned int i; + + ret = t_str_new(strlen(str) + 16); + for (i = 0; str[i] != '\0'; i++) { + if (strchr(solr_escape_chars, str[i]) != NULL) + str_append_c(ret, '\\'); + str_append_c(ret, str[i]); + } + return str_c(ret); +} + static void solr_quote(string_t *dest, const char *str) { - str_append_c(dest, '"'); - str_append(dest, str_escape(str)); - str_append_c(dest, '"'); + str_append(dest, solr_escape(str)); } static void solr_quote_http(string_t *dest, const char *str) { - str_append(dest, "%22"); - http_url_escape_param(dest, str); - str_append(dest, "%22"); + http_url_escape_param(dest, solr_escape(str)); } static void fts_solr_set_default_ns(struct solr_fts_backend *backend)
--- a/src/plugins/fts-solr/fts-backend-solr.c Fri Nov 27 14:57:03 2015 +0200 +++ b/src/plugins/fts-solr/fts-backend-solr.c Fri Nov 27 15:24:41 2015 +0200 @@ -63,6 +63,8 @@ unsigned int truncate_header:1; }; +static const char *solr_escape_chars = "+-&|!(){}[]^\"~*?:\\/ "; + static bool is_valid_xml_char(unichar_t chr) { /* Valid characters in XML: @@ -143,11 +145,23 @@ xml_encode_data(dest, (const unsigned char *)str, strlen(str)); } +static const char *solr_escape(const char *str) +{ + string_t *ret; + unsigned int i; + + ret = t_str_new(strlen(str) + 16); + for (i = 0; str[i] != '\0'; i++) { + if (strchr(solr_escape_chars, str[i]) != NULL) + str_append_c(ret, '\\'); + str_append_c(ret, str[i]); + } + return str_c(ret); +} + static void solr_quote_http(string_t *dest, const char *str) { - str_append(dest, "%22"); - http_url_escape_param(dest, str); - str_append(dest, "%22"); + http_url_escape_param(dest, solr_escape(str)); } static struct fts_backend *fts_backend_solr_alloc(void) @@ -623,8 +637,6 @@ static bool solr_need_escaping(const char *str) { - const char *solr_escape_chars = "+-&|!(){}[]^\"~*?:\\ "; - for (; *str != '\0'; str++) { if (strchr(solr_escape_chars, *str) != NULL) return TRUE; @@ -640,7 +652,7 @@ if (!arg->fuzzy || solr_need_escaping(arg->value.str)) solr_quote_http(str, arg->value.str); else { - str_append(str, arg->value.str); + http_url_escape_param(str, arg->value.str); str_append_c(str, '~'); } }