The general assumption in deploying a search platform is that you are going to front it with a service you write that has the search features you care about, and only those. Only this service or other administrative functions should reach Solr. Be wary of making your service so flexible to support arbitrary parameters you pass to Solr as-is that you don't know about in advance (i.e. use an allow-list).
~ David Smiley Apache Lucene/Solr Search Developer http://www.linkedin.com/in/davidwsmiley On Mon, Aug 31, 2020 at 10:57 AM Mark Robinson <mark123lea...@gmail.com> wrote: > Hi, > I had come across a mail (Oct, 2019 one) which suggested the best way is to > handle it before it reaches Solr. I was curious whether:- > 1. Jetty query filter can be used (came across something like > that,, need to check) > 2. Any new features in Solr itself (like in a request handler...or > solrconfig, schema etc..) > > Thanks! > Mark >