Re: sanizing/filtering query string for security

2009-11-10 Thread michael8
tta, Hadoop, HBase, UIMA, NLP, NER, IR > > > > - Original Message >> From: Alexey Serba >> To: solr-user@lucene.apache.org >> Sent: Mon, November 9, 2009 5:23:52 PM >> Subject: Re: sanizing/filtering query string for security >> >> >

Re: sanizing/filtering query string for security

2009-11-09 Thread Otis Gospodnetic
r-user@lucene.apache.org > Sent: Mon, November 9, 2009 5:23:52 PM > Subject: Re: sanizing/filtering query string for security > > > BTW, I have not used DisMax handler yet, but does it handle *:* properly? > See q.alt DisMax parameter > http://wiki.apache.org/solr/DisMaxRequestHandler#q.alt

Re: sanizing/filtering query string for security

2009-11-09 Thread Alexey Serba
hael >>> >>> >>> Julian Davchev wrote: >>>> >>>> Hi, >>>> Is there anything special that can be done for sanitizing user input >>>> before passed as query to solr. >>>> Not allowing * and ? as first char is only thing I can thing of r

Re: sanizing/filtering query string for security

2009-11-09 Thread Otis Gospodnetic
9, 2009 4:59:33 PM > Subject: Re: sanizing/filtering query string for security > > > Sounds like a nice approach you have done. BTW, I have not used DisMax > handler yet, but does it handle *:* properly? IOW, do you care if users > issue this query, or does DisMax treat this qu

Re: sanizing/filtering query string for security

2009-11-09 Thread michael8
, >>> Is there anything special that can be done for sanitizing user input >>> before passed as query to solr. >>> Not allowing * and ? as first char is only thing I can thing of right >>> now. Anything else it should somehow handle. >>

Re: sanizing/filtering query string for security

2009-11-09 Thread Alexey Serba
ing special that can be done for sanitizing user input >> before passed as query to solr. >> Not allowing * and ? as first char is only thing I can thing of right >> now. Anything else it should somehow handle. >> >> I am not able to find any relevant document. >&

Re: sanizing/filtering query string for security

2009-11-09 Thread michael8
t can be done for sanitizing user input > before passed as query to solr. > Not allowing * and ? as first char is only thing I can thing of right > now. Anything else it should somehow handle. > > I am not able to find any relevant document. > > -- View this message in context

sanizing/filtering query string for security

2009-01-17 Thread Julian Davchev
Hi, Is there anything special that can be done for sanitizing user input before passed as query to solr. Not allowing * and ? as first char is only thing I can thing of right now. Anything else it should somehow handle. I am not able to find any relevant document.