@@ -168,29 +168,31 @@ public void doFilter(HttpServletRequest req, HttpServletResponse resp, FilterCha
168168 HttpSession session = req .getSession ();
169169
170170 // Prevents stream exploitation
171- Map <String , Object > parameters = UtilHttp .getParameterMap (req );
172- boolean reject = false ;
173- if (!parameters .isEmpty ()) {
174- for (String key : parameters .keySet ()) {
175- Object object = parameters .get (key );
176- if (object .getClass ().equals (String .class )) {
177- String val = (String ) object ;
178- if (val .contains ("<" )) {
179- reject = true ;
180- }
181- } else {
182- @ SuppressWarnings ("unchecked" )
183- LinkedList <String > vals = (LinkedList <String >) parameters .get (key );
184- for (String aVal : vals ) {
185- if (aVal .contains ("<" )) {
171+ if (!isSolrTest ()) {
172+ Map <String , Object > parameters = UtilHttp .getParameterMap (req );
173+ boolean reject = false ;
174+ if (!parameters .isEmpty ()) {
175+ for (String key : parameters .keySet ()) {
176+ Object object = parameters .get (key );
177+ if (object .getClass ().equals (String .class )) {
178+ String val = (String ) object ;
179+ if (val .contains ("<" )) {
186180 reject = true ;
187181 }
182+ } else {
183+ @ SuppressWarnings ("unchecked" )
184+ LinkedList <String > vals = (LinkedList <String >) parameters .get (key );
185+ for (String aVal : vals ) {
186+ if (aVal .contains ("<" )) {
187+ reject = true ;
188+ }
189+ }
188190 }
189191 }
190- }
191- if ( reject ) {
192- Debug . logError ("For security reason this URL is not accepted" , MODULE );
193- throw new RuntimeException ( "For security reason this URL is not accepted" );
192+ if ( reject ) {
193+ Debug . logError ( "For security reason this URL is not accepted" , MODULE );
194+ throw new RuntimeException ("For security reason this URL is not accepted" );
195+ }
194196 }
195197 }
196198
0 commit comments