In mysql/mariadb you have the escape_string for making user input search strings more secure.
What is the best way to escape user input or make the user input safer when searching with match and match_all and taking user input ?
is there a good way to escape user input and make it more secure?
There is a way not to report error messages with https://www.elastic.co/guide/en/elasticsearch/reference/1.7/query-dsl-simple-query-string-query.html
but i am looking for a good way to make user input more secure
Do you have an example of something unsecured?
No i do not, but it is scary to have no escaping or sanitization for user input
So why do you think it's unsecured then?
© 2020. All Rights Reserved - Elasticsearch
Apache, Apache Lucene, Apache Hadoop, Hadoop, HDFS and the yellow elephant logo are trademarks of the Apache Software Foundation in the United States and/or other countries.