[
https://issues.apache.org/jira/browse/SLING-573?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13448157#comment-13448157
]
Ian Boston commented on SLING-573:
----------------------------------
Word of caution: In other projects using Sling we found that this type of query
needs to be sanitised if exposed to non administrative users as it make a
perfect DOS vector. Simple queries with wild cards often consume a lot of
resource, although I dont have an example to hand. (If access is controlled
then no problem.)
> google-style shorthand on query.json
> ------------------------------------
>
> Key: SLING-573
> URL: https://issues.apache.org/jira/browse/SLING-573
> Project: Sling
> Issue Type: Improvement
> Components: Servlets
> Reporter: David Nuescheler
>
> it would be great to allow a "q=" parameter similar to google that would
> allow for simple and easy
> querying of the repository in google style.
> this would be an additional feature that would auto detect the querytype
> based on the query.
> it is neither a "sql", "xpath" or google syntax jcr:contains query...
> examples:
> --
> /mynode.query.json?q=SELECT%20*%20FROM%20nt%3abase
> ... translates into ...
> SELECT * FORM nt:base WHERE jcr:path like '/mynode/%'
> --
> /mynode.query.json?q=mytest
> ... translates into ...
> SELECT * FORM nt:base WHERE jcr:path like '/mynode/%' and jcr:contains(*,
> 'mytest')
> --
> or xpath equivalent... ;)
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators
For more information on JIRA, see: http://www.atlassian.com/software/jira
