Dear Solr users,
I am building a Solr 4.8 search engine that will hold documents containing
subscription-only content. We want potential customers to be able to search
the full content. And we also want to show them highlighted context
snippets from the full contents.
So, I have included the
Unfortunately, it's not really advisable to allow open access to Solr to
the open web.
There are many avenues of DOSing a Solr install otherwise, and depending on
how it's configured, some more intrusive vulnerabilities.
Michael Della Bitta
Applications Developer
o: +1 646 532 3062
appinions
Thanks, Michael ... so if I plan to do client-side ajax, you would suggest
to call back an ajax proxy rather than query the Solr instance directly?
2014-06-23 14:57 GMT+02:00 Michael Della Bitta
michael.della.bi...@appinions.com:
Unfortunately, it's not really advisable to allow open access to
Yes, that's the general model. Use a layer in between your clients and Solr
to restrict access to what you wish to let people to do.
Generally speaking, you should expose a SearchHandler that hardcodes the fl
param to prevent retrieval of your full text field, and uses a filter query
param to