Does that 'someone' has direct access to Solr endpoint? Is that a right thing to do in a first place?
But assuming they do (e.g. intranet), you could build on Jack's suggestion and create a couple of query-handler end-points that are only different in invariant raw count value. So, your default search goes to search10, your 25 results page goes to search25, etc. Regards, Alex. Personal blog: http://blog.outerthoughts.com/ LinkedIn: http://www.linkedin.com/in/alexandrerafalovitch - Time is the quality of nature that keeps events from happening all at once. Lately, it doesn't seem to be working. (Anonymous - via GTD book) On Tue, Nov 20, 2012 at 8:23 PM, solr-user <solr-u...@hotmail.com> wrote: > silly question > > is there any configuration value I can set to prevent someone from entering > a bad value for the rows parameter? > > ie to prevent something like "&rows=100000000" from crashing my servers? > > the server I am looking at is a solr v3.6 > > > > -- > View this message in context: > http://lucene.472066.n3.nabble.com/is-there-a-way-to-prevent-abusing-rows-parameter-tp4021467.html > Sent from the Solr - User mailing list archive at Nabble.com. >
