Description
Description
As seen in this issue, it could be interesting to warn users about cross-site scripting injection know as XSS injection.
Indeed, MeiliSearch does not offer any sanitization mechanism for the moment and it is up to the developers to implement it, either by cleaning the document before indexing the data in MeiliSearch or before interpreting the result and displaying it after a search.
Algolia made the same choice and explain it on a dedicated page.
Now that I think about it, sanitization could be a part of a page dedicated to the cleaning of the data to be indexed, having a page dedicated to this would also allow talking about the naming of the attributes to facet within a document to be indexed. Since the search engine will choose the first result for a facet, if two documents have jk Rowling and JK Rowling, the author facet can have jk Rowling or JK Rowling as a value for two different searches. It requires identical values if the user doesn't want a facet that could change upper-and lowercase spelling between searches.