Hi,

I have created a custom module which sends rendered entities as full-text fields to Solr. These rendered entities contain HTML, which Solr gladly accepts, although I am not sure what this means for indexing, but these fields are just used for quickly showing rendered results from Solr using Apache Solr Views.

In the current version of the apachesolr_views_handler_field class, only the get_value() function has been implemented, which is fine for displaying RAW values, i.e. with no HTML. However, when the field contains HTML, it is being rendered as escaped HTML, rather than rendered HTML, which is not what I want nor expect.

I have tinkered some with the apachesolr_views_handler_field class, and I found that when I implement the render($values) function, using the exact same body as the get_value() function, the HTML renders properly. Non-HTML fields render just fine with the function implemented.

If you want, I can provide a patch.

Support from Acquia helps fund testing for Drupal Acquia logo

Comments

afox’s picture

I faced with the same issue. Thanks for pointing to the render() -method. Attached is a patch we used to fix the issue. I just added XSS-sanitation to render which does the trick.

afox’s picture

Status: Active » Needs review
manarth’s picture

See also #1651386: HTML entities in Solr index being escaped again which has an alternative patch.

Martijn Houtman’s picture

I think the patch in #3 made it to the current -dev, and I don't think it solved my problem. The patch in #1 works for me.

yoavi’s picture

confirm patch #1 works for me
thanks

MiroslavBanov’s picture

Issue summary: View changes
Status: Needs review » Needs work

check_plain() is the default behavior for views field handlers. It is not correct to override this for all apachesolr_views field handlers. This may break existing implementations, and is not consistent with how database views work. See how the views module has a separate field handler specifically for this:

class views_handler_field_markup extends views_handler_field {
Robert Castelo’s picture

Here's the patch from #1 but using filter_xss() instead of sanitize_value() so that we can include a few extra HTML tags:

'img', 'button', 'div', 'span', 'h2', 'h3', 'h4', 'article', 'br', 'p', 'table', 'tr', 'td'

nplowman’s picture

If you are looking to do this without patching the original module, here is a solution that I pieced together based on an example in the Views Navigation module that will allow you to override the field handler on a case-by-case basis from a custom module.

/**
 * Implements hook_views_data_alter().
 */
function my_module_views_data_alter(&$data) {
  foreach ($data as &$table) {
    foreach ($table as &$item) {
      if (isset($item['field']) && isset($item['field']['handler'])) {
        if ($item['title'] == 'my_field') {
          $item['field']['handler'] = 'apachesolr_views_handler_field_markup';
        }
      }
    }
  }
}

/**
 * @file
 * Field handler for rendered HTML markup for Apache Solr Views.
 */
class apachesolr_views_handler_field_markup extends apachesolr_views_handler_field{
  function render($values) {
    $value = $this->get_value($values);
    $value = check_markup($value, 'full_html');
    return $value;
  }
}