On 10/8/2013 3:01 AM, Furkan KAMACI wrote:
> Actually I want to remove special characters and wont send them into my
> Solr indexes. I mean user can send a special query as like a SQL
injection
> and I want to prevent my system such kind of scenarios.
There is a newer javadoc than the *very* old one you are looking at:
http://lucene.apache.org/core/4_5_0/queryparser/org/apache/lucene/queryparser/classic/package-summary.html?is-external=true#Escaping_Special_Characters
When I compare that list to what's actually in the SolrJ
"escapeQueryChars" method, it looks like that method does one additional
character - the semicolon.
http://svn.apache.org/repos/asf/lucene/dev/tags/lucene_solr_4_5_0/solr/solrj/src/java/org/apache/solr/client/solrj/util/ClientUtils.java
Just search the page for "escapeQueryChars" to see the java code.
Thanks,
Shawn
