-
Bug
-
Resolution: Fixed
-
Highest
-
1.4.4, 2.0.1
-
None
We have had reports that the search query string is not correctly XML Encoded before being redisplayed to the user.
[CONFSERVER-4825] Search results page needs to XML encode the query string provided by the user.
Daniel Ostermeier
added a comment - These versions of the files are for Confluence 1.4 instances. Please follow the same installation instructions as for the Cofluence 2.0 patch files.
Daniel Ostermeier
added a comment - These versions of the files are for Confluence 1.4 instances. Please follow the same installation instructions as for the Cofluence 2.0 patch files. Daniel Ostermeier
added a comment - These are the patched files for the 2.0 and 2.0.1 installations. These fixes are shipped with 2.0.2. To install these patches, please place these files in the following locations (replacing the original copies):
WEBAPP_ROOT/decorators/components/searchresults.vmd
WEBAPP_ROOT/search/searchsite-results.vm
When you copy these files into your Confluence installation, please remove the .2.0 suffix.
Before installing, remember to make a backup of the original files.
Daniel Ostermeier
added a comment - These are the patched files for the 2.0 and 2.0.1 installations. These fixes are shipped with 2.0.2. To install these patches, please place these files in the following locations (replacing the original copies):
WEBAPP_ROOT/decorators/components/searchresults.vmd
WEBAPP_ROOT/search/searchsite-results.vm
When you copy these files into your Confluence installation, please remove the .2.0 suffix.
Before installing, remember to make a backup of the original files. Daniel Ostermeier
added a comment - Fix this and provide patch files for 1.4.x and 2.0.x releases. 
Fixed the template files, surrounded the $queryString references with $generalUtil.escapeXml(....);