You are viewing a plain text version of this content. The canonical link for it is here.

Posted to issues@lucene.apache.org by "Thomas Mortagne (Jira)" <ji...@apache.org> on 2021/02/08 08:34:00 UTC

[jira] [Commented] (SOLR-14561) Validate parameters to CoreAdminAPI

    [ https://issues.apache.org/jira/browse/SOLR-14561?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17280845#comment-17280845 ] 

Thomas Mortagne commented on SOLR-14561:
----------------------------------------

This change is quite a regression for us. We are using the embedded Solr and store the core configuration and data in different locations (the data goes in a cache/ folder to make clear it's ok to clear it with other XWiki cache related data) using "../../../cache/solr/extension_index" for example. I can understand the initial intent, but I feel it cause more limitations that it fix problems, at the very least it should be possible to disable this protection.

> Validate parameters to CoreAdminAPI
> -----------------------------------
>
>                 Key: SOLR-14561
>                 URL: https://issues.apache.org/jira/browse/SOLR-14561
>             Project: Solr
>          Issue Type: Improvement
>            Reporter: Jan Høydahl
>            Assignee: Jan Høydahl
>            Priority: Major
>             Fix For: 8.6
>
>          Time Spent: 4h 40m
>  Remaining Estimate: 0h
>
> CoreAdminAPI does not validate parameter input. We should limit what users can specify for at least {{instanceDir and dataDir}} params, perhaps restrict them to be relative to SOLR_HOME or SOLR_DATA_HOME.



--
This message was sent by Atlassian Jira
(v8.3.4#803005)

---------------------------------------------------------------------
To unsubscribe, e-mail: issues-unsubscribe@lucene.apache.org
For additional commands, e-mail: issues-help@lucene.apache.org