Sounds like a nice approach you have done. BTW, I have not used DisMax handler yet, but does it handle *:* properly? IOW, do you care if users issue this query, or does DisMax treat this query string differently than standard request handler? Basically given my UI, I'm trying to *hide* the total count from users searching for *everything*, though this syntax has helped me debug/monitor the state of my search doc pool size.
Thanks, Michael Alexey-34 wrote: > > I added some kind of pre and post processing of Solr results for this, > i.e. > > If I find fieldname specified in query string in form of > "fieldname:term" then I pass this query string to standard request > handler, otherwise use DisMaxRequestHandler ( DisMaxRequestHandler > doesn't break the query, at least I haven't seen yet ). If standard > request handler throws error ( invalid field, too many clauses, etc ) > then I pass original query to DisMax request handler. > > Alex > > On Mon, Nov 9, 2009 at 10:05 PM, michael8 <mich...@saracatech.com> wrote: >> >> Hi Julian, >> >> Saw you post on exactly the question I have. I'm curious if you got any >> response directly, or figured out a way to do this by now that you could >> share? I'm in the same situation trying to 'sanitize' the query string >> coming in before handing it to solr. I do see that characters like ":" >> could break the query, but am curious if anyone has come up with a >> general >> solution as I think this must be a fairly common problem for any solr >> deployment to tackle. >> >> Thanks, >> Michael >> >> >> Julian Davchev wrote: >>> >>> Hi, >>> Is there anything special that can be done for sanitizing user input >>> before passed as query to solr. >>> Not allowing * and ? as first char is only thing I can thing of right >>> now. Anything else it should somehow handle. >>> >>> I am not able to find any relevant document. >>> >>> >> >> -- >> View this message in context: >> http://old.nabble.com/sanizing-filtering-query-string-for-security-tp21516844p26271891.html >> Sent from the Solr - User mailing list archive at Nabble.com. >> >> > > -- View this message in context: http://old.nabble.com/sanizing-filtering-query-string-for-security-tp21516844p26274459.html Sent from the Solr - User mailing list archive at Nabble.com.
