: Why might this bit of code in SolrDispatchFilter be useful?
:
: if( qt != null && qt.startsWith( "/" ) ) {
: throw new SolrException( SolrException.ErrorCode.BAD_REQUEST,
: "Invalid query type. Do not use /select to access: "+qt);
: }
I believe it was intended as a "security" aid when the new path style
handler names were introduced. the idea was that "qt" was going to be
deprecated, and as new solradmins configure solr ports with path style
handler names, they might (reasonably) expect that enabling path based
authentication/filters in their servlet containers would help protect
those -- this bit of code prevents users from bypassing security of that
type by exploiting legacy behavior.
that's my understanding ... but i don't have a strong opinion about
leaving it or changing it.
It seems like it might be just as useful to kill all knowledge of "qt"
from SolrDispatchFilter, and move that functionality to a
"DelegatingRequestHandler" that people could register as "/select" if they
want the legacy behavior. (which would simplify SolrDispatchFilter in the
common case)
-Hoss
