lucene-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Yonik Seeley (JIRA)" <>
Subject [jira] [Commented] (SOLR-4197) EDismax allows end users to use local params in q= to override global params
Date Mon, 17 Dec 2012 22:20:13 GMT


Yonik Seeley commented on SOLR-4197:

Options for forcing edismax and prohibiting changing the query type or adding other parameters
via localParams (as opposed to just defaulting):
1) prepend a space to the user query
2) prepend {!edismax} to the user query
3) use a different parameter:  q={!edismax v=$qq}&qq=user_query

If you do any of these and get a syntax error back, then it's an edismax escaping bug that
we need to handle.
> EDismax allows end users to use local params in q= to override global params
> ----------------------------------------------------------------------------
>                 Key: SOLR-4197
>                 URL:
>             Project: Solr
>          Issue Type: Bug
>    Affects Versions: 3.5, 3.6, 4.0
>            Reporter: Peter Wolanin
> Edismax is advertised as suitable to be used to "process advanced user input directly".
 Thus, it would seem reasonable to have an application directly pass user input in the q=
parameter to a back-end Solr server.
> However, it seems that users can enter local params at the start of q= which override
the global params that the application (e.g. website) may have set on the query string.  Confirmed
with Erik Hatcher that this is somewhat unexpected behavior (though one could argue it's an
expected feature of any query parser)
> Proposed fix - add a parameter (e.g. that can be used as an invariant) that can be passed
to inhibit Solr from using local params from the q= parameter.
> This is somewhat related to SOLR-1687

This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators
For more information on JIRA, see:

To unsubscribe, e-mail:
For additional commands, e-mail:

View raw message