/** * This method is used to apply htmlspecialchars on all document fields that * are not configured to be secure. Secure mean that we know where the content is comming from. * * @param array $documents * @return \Apache_Solr_Document[] */ protected function applyHtmlSpecialCharsOnAllFields(array $documents) { $trustedSolrFields = $this->configuration->getSearchTrustedFieldsArray(); foreach ($documents as $key => $document) { $fieldNames = $document->getFieldNames(); foreach ($fieldNames as $fieldName) { if (in_array($fieldName, $trustedSolrFields)) { // we skip this field, since it was marked as secure continue; } $document->{$fieldName} = $this->applyHtmlSpecialCharsOnSingleFieldValue($document->{$fieldName}); } $documents[$key] = $document; } return $documents; }