Thanks, that is very helpful. Have you tried denying access to some fields in the documents?
On Fri, Dec 25, 2015 at 11:31 AM, Doug Turnbull < dturnb...@opensourceconnections.com> wrote: > We do this all the time, whitelisting only the readonly search end points > we want to support and disallowing excessively large paging. > > Here is a template for an nginx solr proxy. The read me describes more of > our philosophy > > https://github.com/o19s/solr_nginx > > On Friday, December 25, 2015, Eric Dain <ericdai...@gmail.com> wrote: > > > Hi all, > > > > Does allowing javascript direct access to SolrCloud raise security > concern? > > should I build a REST service in between? > > > > I need to provide async search capability to web pages. the pages will be > > public with no authentication. > > > > Happy searching, > > Eric > > > > > -- > *Doug Turnbull **| *Search Relevance Consultant | OpenSource Connections > <http://opensourceconnections.com>, LLC | 240.476.9983 > Author: Relevant Search <http://manning.com/turnbull> > This e-mail and all contents, including attachments, is considered to be > Company Confidential unless explicitly stated otherwise, regardless > of whether attachments are marked as such. >
