Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Escape xml in delete() using ElementTree #358

Merged
merged 2 commits into from
Jan 23, 2021
Merged

Escape xml in delete() using ElementTree #358

merged 2 commits into from
Jan 23, 2021

Conversation

ramayer
Copy link
Contributor

@ramayer ramayer commented Jan 22, 2021
edited
Loading

A different approach to [#356] using ElementTree as suggested in a comment.

The pysolr .delete() method was not escaping special characters like <, >, and & in the XML it was generating. See issue [#357].

In particular attempts to delete documents by IDs like this:

    self.solr.delete(id='cats<dogs')

would give error messages, and attempts to delete documents like this:

    self.solr.delete(q='id:*</query><query> id:999 AND id:9999')

could delete more than you would have expected. This pull request (with test cases) escapes the IDs and Lucene Query Expressions in the XML generation step.

This was referenced Jan 22, 2021
Closed
Closed
@ramayer
Copy link
Contributor Author

ramayer commented Jan 22, 2021
edited
Loading

Note that this has the same functionality as [#356 ].

This version took the approach of using minimal changes building XML using ElementTree as the comments under [357] suggested

The other version took the approach of making a more minimal change, building the XML using python strings like the delete() method did earlier.

I have no preference which approach is approved -- they both generate the same XML.

@ramayer ramayer force-pushed the escape_xml_in_delete_using_elementree branch from 5f0001e to 9c08400 Compare January 22, 2021 01:49
@ramayer ramayer force-pushed the escape_xml_in_delete_using_elementree branch from 9c08400 to b48eabd Compare January 22, 2021 16:16
@ramayer
Copy link
Contributor Author

ramayer commented Jan 22, 2021

My initial pull request failed the flake8 tests with too long lines and improper whitespace. I pushed an updated version this morning.

@codecov
Copy link

codecov bot commented Jan 22, 2021

Codecov Report

Merging #358 (b48eabd) into master (cf6e49f) will increase coverage by 0.06%.
The diff coverage is 100.00%.

Impacted file tree graph

@@            Coverage Diff             @@
##           master     #358      +/-   ##
==========================================
+ Coverage   91.52%   91.58%   +0.06%     
==========================================
  Files           7        7              
  Lines        1369     1379      +10     
==========================================
+ Hits         1253     1263      +10     
  Misses        116      116
Impacted Files Coverage Δ
pysolr.py 85.02% <100.00%> (+0.14%) ⬆️
tests/test_client.py 98.57% <100.00%> (+<0.01%) ⬆️

Continue to review full report at Codecov.

Legend - Click here to learn more
Δ = absolute <relative> (impact), ø = not affected, ? = missing data
Powered by Codecov. Last update cf6e49f...b48eabd. Read the comment docs.

@acdha acdha merged commit 5bd07ea into django-haystack:master Jan 23, 2021
@ramayer ramayer mentioned this pull request Oct 16, 2021
Open
@ramayer ramayer mentioned this pull request Sep 19, 2024
Closed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@acdha acdha acdha approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@ramayer @acdha