On 10/22/2013 11:52 AM, Raymond Wiker wrote:
I have numerous search applications that only involve SOLR, jQuery, Apache... and two additional server processes, one of which does query validation, adds filtering and does an XSL transform of the search results, while the other does a number of application-specific support tasks. No SOLR API, except for HTTP. The most recent search interface I did uses "solrstrap" to do most of the UI work. In summary: No problem making a search interface that runs as a single web page.
You're right that it's *possible* to make a javascript-based search page. If you do so by requiring the user's browser to contact Solr directly, it is not *safe* to do so. From what you've said, you don't allow direct access to Solr. By putting Solr behind an intelligent proxy that can restrict what gets through, you've made it safe.
Thanks, Shawn
