On 12/16/06, Mark <[EMAIL PROTECTED]> wrote:
> Jens,
>
> My response was premature; I have a few tests that throw the following
> potentially malicious search queries...
>
> bad_chars = [':', '(, )', '[, ]', '{, }', '!', '+', '"', '~', '^', '-',
> '|', '<, >', '=', '*', '?', '\'', '<script>']
>
> I haven't done thorough testing, but the "<, >" query throws an
> exception. I've had to resort to begin/rescue blocks for now.
>
> Any ideas?
>
> > That did the trick, thanks a ton!
> >
> >> right after your :analyzer option into the second options hash:
> >>
> >> aaf( { :fields => { ... }, :store_class_name => true },
> >>      { :analyzer => ..., :handle_parse_errors => true } )
> >>
> >> aaf, however, doesn't create its own query parser for normal use cases,
> >> but the option will be given to the internal Ferret Index instance, so
> >> maybe it helps anyway. Please tell me if it does so I can correct the
> >> default parameter name in aaf.

This problem has now been fixed.

-- 
Dave Balmain
http://www.davebalmain.com/
_______________________________________________
Ferret-talk mailing list
[email protected]
http://rubyforge.org/mailman/listinfo/ferret-talk
