Escaping user input for search queries

In MySQL/MariaDB you have escape_string for making user input search strings more secure.

What is the best way to escape user input or make the user input safer when searching with match and match_all and taking user input?

Is there a good way to escape user input and make it more secure?

There is a way not to report error messages with https://www.elastic.co/guide/en/elasticsearch/reference/1.7/query-dsl-simple-query-string-query.html

But I am looking for a good way to make user input more secure.

Do you have an example of something unsecured?

No, I do not, but it is scary to have no escaping or sanitization for user input.

So why do you think it's unsecured then?
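
An added example, not part of the thread and not Elastic's own code: one way to keep user input as data in the `match` and `simple_query_string` queries mentioned above, plus an `escape_string`-style helper for the operator-parsing `query_string` query. Python, all function names, and the reserved-character list (taken from the Elasticsearch `query_string` documentation) are assumptions; the thread names no client language.

```python
import json

# Operator characters of the query_string syntax (assumption: list taken from
# the Elasticsearch query_string documentation, not from this thread).
RESERVED = set('+-=&|!(){}[]^"~*?:\\/')

def match_body(field, user_text):
    """match analyzes the text; it does not parse operators. The input is
    only ever a value in a dict that the JSON encoder serializes."""
    return {"query": {"match": {field: {"query": user_text}}}}

def simple_query_string_body(fields, user_text):
    """simple_query_string does parse operators; `flags` narrows which ones."""
    return {"query": {"simple_query_string": {
        "query": user_text, "fields": fields,
        "flags": "AND|OR|PHRASE", "default_operator": "and"}}}

def escape_query_string(user_text):
    """Backslash-escape reserved characters for a query_string query.
    '<' and '>' cannot be escaped there, so they are dropped."""
    out = []
    for ch in user_text:
        if ch in "<>":
            continue
        if ch in RESERVED:
            out.append("\\")
        out.append(ch)
    return "".join(out)

def is_valid_json(text):
    try:
        json.loads(text)
        return True
    except ValueError:
        return False

def templated_body(field, user_text):
    """Anti-pattern kept for comparison: pasting input into a JSON string."""
    return '{"query": {"match": {"%s": "%s"}}}' % (field, user_text)

if __name__ == "__main__":
    sample = 'laptop "15 inch" (cheap) <new>'   # constructed input
    print(json.dumps(match_body("title", sample)))
    print(json.dumps(simple_query_string_body(["title"], sample)))
    print(escape_query_string(sample))
    print(is_valid_json(templated_body("title", sample)))  # False
```
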
