[
https://issues.apache.org/jira/browse/SOLR-11495?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Cassandra Targett updated SOLR-11495:
-------------------------------------
Docs Text: (was: Virtually all of the query parsers that Solr supports
are enabled by default, in a map created in QParserPlugin.java.
To reduce the possible attack surface of a default Solr installation, I believe
that the list of default parsers should be limited to a small handful of the
full list that's available. I will discuss specific ideas for that list in
comments.
I think the bar should be very high for admission to the default parser list.
That list should only include those that are most commonly used by the
community. Only the most common parsers will have had extensive review for
security issues.)
> Reduce the list of which query parsers are loaded by default
> ------------------------------------------------------------
>
> Key: SOLR-11495
> URL: https://issues.apache.org/jira/browse/SOLR-11495
> Project: Solr
> Issue Type: Bug
> Security Level: Public(Default Security Level. Issues are Public)
> Components: query parsers
> Affects Versions: 7.0
> Reporter: Shawn Heisey
> Priority: Major
>
--
This message was sent by Atlassian JIRA
(v7.6.3#76005)
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
