I figured out what the actual default receiver_whitelist is through the
GroovySandboxExpressionChecked code, and if I want to add java.lang.String
to the whitelist, I'd just have to add its classname to the other
classnames in the script.groovy.sandbox.receiver_whitelist setting in
elasticsearc
Thanks, I'll just need to find what is the actual whitelist and how to have
a custom one then. If someone has any clue ?
Le mercredi 10 décembre 2014 11:27:52 UTC+1, Jörg Prante a écrit :
>
> No. I think ES developers configured the sandbox to deny java.lang.* calls
> and java.lang.String is not
No. I think ES developers configured the sandbox to deny java.lang.* calls
and java.lang.String is not in the whitelist.
https://github.com/elasticsearch/elasticsearch/blob/b43b56a6a85f7dd131086fd83dc9267aecbbf0a3/src/main/java/org/elasticsearch/script/groovy/GroovySandboxExpressionChecker.java#L9
May this exception be caused by a bad dynamic_scripting parameter ?
Le mercredi 10 décembre 2014 11:10:14 UTC+1, Dunaeth a écrit :
>
> Here it is :
>
> [log-2014-02][0]: SearchParseException[[log-2014-02][0]: from[-1],size[0]:
>> Parse Failure [Failed to parse source
>> [{"size":0,"aggs":{"prefi
Here it is :
[log-2014-02][0]: SearchParseException[[log-2014-02][0]: from[-1],size[0]:
> Parse Failure [Failed to parse source
> [{"size":0,"aggs":{"prefilter":{"filter":{"and":[{"bool":{"must":[{"term":{"valid":true}},{"term":{"shop_id":"1838"}}]}},{"range":{"date":{"gte":"2014-11-08T23:00:00.
Can you post the security exception?
Jörg
On Wed, Dec 10, 2014 at 11:02 AM, Dunaeth wrote:
> Hi,
>
> With ES 1.4, the default scripting language switched from mvel to groovy.
> We were using script fields in our queries like
> «String.format('%02d',doc.date.date.monthOfYear)», is there a way to