Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

[BUGFIX] Sanitize frequent and last searches output #3590

Commits on Apr 5, 2023

  1. [BUGFIX] Sanitize frequent and last searches output

    Wraps output of frequent searches and last searches in
    format.htmlentities, to prevent XSS. In rare scenarios
    there might be issues with unsanitized output of frequent
    searches and/or last searches, this issues are now solved.
    
    The StatisticsWriterProcessor is already sanitizing the stored
    terms, but as it's possible to use any custom table it should be
    ensured the data is sanitized.
    
    If last searches is activated and configured for global mode,
    there might be issues too. Though it's required that the prepared
    query delivers result documents, as EXT:solr will only store the
    terms if results are found, the output should be sanitized too.
    
    Resolves: TYPO3-Solr#3589
    dkd-friedrich committed Apr 5, 2023
    Configuration menu
    Copy the full SHA
    fca01cd View commit details
    Browse the repository at this point in the history