  1. Magnolia
  2. MAGNOLIA-7687

Solr Plugin does not sanitize query string


Details

    • Bug
    • Resolution: Unresolved
    • Neutral

    Description

      The default Magnolia Solr search does not sanitize user input. We could do interesting things with search terms like:

      ...?queryStr=%3Ca+href%3D%22lol+was+geht%22%3E+spielplatz+%3C%2Fa%3E+%3Cimg+src%3D%22irgendwas%22+onerror%3D%22window.location%3D%27https%3A%2F%2Fgoogle.de%3Fq%3Dxss%27%22%3E#%22%3E%20spielplatz%20%3C/a%3E
      

      or showing an image and trying to link something in the recommendations (Vorschläge)

      ...?queryStr=%3Ca+href%3D%22www.google.de%22%3E+spielplatz+%3C%2Fa%3E+%3Cimg+src%3D%22https%3A%2F%2Fwww.genobroker-info.de%2Fdam%2Fjcr%3Aa7a45853-1c0e-4327-8639-8cc257b4a80d%2F321_Raiffeisen%2520Aulendorf%2520Logo%25204c1sp.png%22
      

      We tried to sanitize the input by using the following code in the search model:

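          // Override in the search model: HTML-escape the query string before the template renders it.
          // StringEscapeUtils comes from Apache Commons (commons-text or commons-lang3).
          @Override
          public String getQueryStr() {
              String queryString = super.getQueryStr();
              String sanitizedQueryString = StringEscapeUtils.escapeHtml4(queryString);
              return sanitizedQueryString;
          }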
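
      Added example, not part of the original report or Magnolia's code: `escapeHtml4` encodes `&`, `<`, `>` and `"` but leaves the apostrophe alone, so a query string echoed into a single-quoted attribute needs that character encoded too. The class name and `encodeForHtml` are hypothetical, the encoder uses only the JDK, and the sample query string is constructed.

```java
import java.net.URLDecoder;
import java.nio.charset.StandardCharsets;

public class QueryStrEncodingDemo {

    // Hypothetical helper: minimal HTML encoder for element content and
    // quoted attribute values. Unlike escapeHtml4 it also encodes the apostrophe.
    static String encodeForHtml(String s) {
        if (s == null) {
            return "";
        }
        StringBuilder out = new StringBuilder(s.length() + 16);
        for (int i = 0; i < s.length(); i++) {
            char c = s.charAt(i);
            switch (c) {
                case '&':  out.append("&amp;");  break;
                case '<':  out.append("&lt;");   break;
                case '>':  out.append("&gt;");   break;
                case '"':  out.append("&quot;"); break;
                case '\'': out.append("&#39;");  break;
                default:   out.append(c);
            }
        }
        return out.toString();
    }

    public static void main(String[] args) {
        // Constructed sample, shaped like the report's queryStr parameter:
        // a tag pair plus a double-quoted and a single-quoted token.
        String raw = "%3Cb%3Espielplatz%3C%2Fb%3E+%22a%22+%27b%27";

        // The servlet container decodes the parameter before the model sees it.
        String decoded = URLDecoder.decode(raw, StandardCharsets.UTF_8);
        String encoded = encodeForHtml(decoded);

        System.out.println("decoded: " + decoded);
        System.out.println("encoded: " + encoded);

        // No markup or quote character may survive encoding.
        for (char c : new char[] {'<', '>', '"', '\''}) {
            if (encoded.indexOf(c) >= 0) {
                throw new AssertionError("unencoded character: " + c);
            }
        }
    }
}
```

      Encoding belongs at the point where the value is written into the page, in every template that echoes `queryStr`, including the suggestions list.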
      
      


            People

              Unassigned Unassigned
              skleine Sebastian Kleine