Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Allow to configure encoder when highlighting with default and html (escape) options #1120

Closed
jsuchal opened this issue Jul 13, 2011 · 2 comments
Closed

Allow to configure encoder when highlighting with default and html (escape) options #1120

jsuchal opened this issue Jul 13, 2011 · 2 comments
Labels
>enhancement v0.18.0

Comments

@jsuchal
Copy link

jsuchal commented Jul 13, 2011

Allow to set encoder within the highlight element, with possible values of default and html.

--- Original Request
Hi there,

seems like default encoder is used in ES https://github.com/elasticsearch/elasticsearch/blob/master/modules/elasticsearch/src/main/java/org/elasticsearch/search/highlight/HighlightPhase.java#L56

This is normally not a problem, since you probably don't want any malicious html/js in your documents anyway. But imagine a text document (e.g. html tutorial in plain text) which contains some html tags, javascript...

Example:

There are headline tags like <h1> which...

Now getting highlights from such document is unsafe since you will get this when searching for tags like

There are headline <em>tags like</em><h1> which...

Any chance to make the default SimpleHTMLEncoder or at least provide an option to make it customizable?
@jassinm
Copy link

jassinm commented Sep 1, 2011

have a look : #1295

@kimchy
Copy link
Member

kimchy commented Oct 25, 2011

closing...

@kimchy kimchy closed this as completed Oct 25, 2011
williamrandolph pushed a commit to williamrandolph/elasticsearch that referenced this issue Jun 4, 2020
@jbaiera
Overhaul the build system to be modular. (elastic#1120)
eb413a8 
Split apart the one-file build system into a modular build layout, using plugins
to control common build logic. Shave off the old plugins that aren't really used.
Clean up the last few problems with urls in poms to use https. Remove the s3
and checksum plugins. Reorganize tasks to make the build more sane. Use
composite gradle builds to create the cross compiled Scala artifacts.
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
>enhancement v0.18.0
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
3 participants
@jsuchal @kimchy @jassinm