Santizing query-strings


(Malte Schirmacher) #1

Hello Elasticsearch-users,

are there best practices for sanitizing query strings?

What i want to do is
a) dont let users issue expensive queries
b) hinder some users from searching specific fields
c) internationalize field names.

OK, c) isn't really sanitizing, but i think all 3 points would require a
pre parsing process, so i thought i also mention this :slight_smile:
Is there a way to do this? And if not, why are we the only ones with this
requirements?

Thanks in advance
thana

--
You received this message because you are subscribed to the Google Groups "elasticsearch" group.
To unsubscribe from this group and stop receiving emails from it, send an email to elasticsearch+unsubscribe@googlegroups.com.
To view this discussion on the web visit https://groups.google.com/d/msgid/elasticsearch/a8c3a89f-6c54-40b0-a4d9-10966e848d7e%40googlegroups.com.
For more options, visit https://groups.google.com/groups/opt_out.


(Binh Ly) #2

Your best bet is probably a custom parser with your own grammar. On the ES
side, if you use something like a simple_query_string or a match query, it
would also help a little bit (instead of using the query_string query).

--
You received this message because you are subscribed to the Google Groups "elasticsearch" group.
To unsubscribe from this group and stop receiving emails from it, send an email to elasticsearch+unsubscribe@googlegroups.com.
To view this discussion on the web visit https://groups.google.com/d/msgid/elasticsearch/47cc8395-9802-4443-bdd7-a98a74b43961%40googlegroups.com.
For more options, visit https://groups.google.com/groups/opt_out.


(Malte Schirmacher) #3

Thanks for your answer :slight_smile:
How would i do that?

--
You received this message because you are subscribed to the Google Groups "elasticsearch" group.
To unsubscribe from this group and stop receiving emails from it, send an email to elasticsearch+unsubscribe@googlegroups.com.
To view this discussion on the web visit https://groups.google.com/d/msgid/elasticsearch/389ccbc7-6d09-4ad6-b552-c5b3e4586a7b%40googlegroups.com.
For more options, visit https://groups.google.com/groups/opt_out.


(system) #4