lucene-solr-user mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Erik Hatcher <>
Subject Re: Solr security
Date Mon, 17 Nov 2008 13:54:56 GMT

On Nov 16, 2008, at 6:12 PM, Ian Holsman wrote:
> famous last words and all, but you shouldn't be just passing what a  
> user types directly into a application should you?


> I'd be parsing out wildcards, boosts, and fuzzy searches (or at  
> least thinking about the effects).
> I mean "jakarta apache"~1000 or roam~0.1 aren't as efficient as a  
> regular query.

Sounds like the perfect case for a query parser plugin... or use  
dismax as Ryan mentioned.  Shouldn't Solr be hardened for these cases  
anyway?  Or at least hardenable.

> but they don't let me into design meetings any more ;(

Apparently they shouldn't let me into them either ;)


View raw message