[
https://issues.apache.org/jira/browse/SOLR-8887?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Mark Miller updated SOLR-8887:
------------------------------
Fix Version/s: master
> Solr Security features cannot export the internal, deprecated
> DefaultHttpClient class as part of their user facing API.
> -----------------------------------------------------------------------------------------------------------------------
>
> Key: SOLR-8887
> URL: https://issues.apache.org/jira/browse/SOLR-8887
> Project: Solr
> Issue Type: Bug
> Reporter: Mark Miller
> Priority: Critical
> Fix For: master
>
>
> Seems security now really depends on HttpClientConfigurer. That class was
> only used for tests previously, and was at best completely unsupported. We
> can't promise an API that locks us into an internal, low level, class from a
> lib. Especially a deprecated one. Solr wants to own the http layer, not get
> locked into impls.
> We need to stop using DefaultHttpClient, and it's going to break this stuff.
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
