I'm new to ES and wondering if the search function sanitizes the inner "query" field in the body parameter when handed something like:
"query": {
"filtered": {
"query": {
"match": {
"_all": {
"query": "[THIS PARAMETER]",
"operator": "and"
}
}
}
}
}
I've tried every input I can to break it and I can't seem to. I created a sanitization function but that was actually leading to worse search results when searching strings such as "&" or "+". I've looked through the code and can't seem to find any obvious sanitization of that field. I just want to be sure before I send a user's search query right through the function.
Thanks
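As an added illustration of the point the question turns on (this is example code written for this page in Python, not code from the original post or from Elasticsearch), the snippet below builds the body from the question two ways. The user text placed in a `match` query is a JSON string value and is analyzed as text, so Lucene operators such as `&`, `+`, `AND` or `*` are inert there and need no sanitizing; what does need care is how the JSON is assembled. `build_match_body` uses a JSON serializer, `build_match_body_unsafe` splices the text into a template, and the constructed `INJECTION` payload shows the difference. The `escape_query_string` helper is my own and is only relevant if the text is moved into a `query_string` query, which does parse Lucene syntax; its reserved-character list is the one documented for `query_string`.

```python
import json

# Constructed sample inputs (not from the original post). INJECTION is a
# JSON-injection payload aimed at a body assembled by string concatenation.
SAMPLE_INPUTS = [
    "rock & roll",             # the characters the poster's sanitizer mangled
    'C++ "modern"',            # a double quote
    "title:foo AND bar OR *",  # Lucene query_string syntax, inert in a match query
]
INJECTION = (
    'x"}}}}}, "size": 10000, "query": {"match_all": {}}, '
    '"pad": {"a": {"b": {"c": {"d": {"e": "y'
)


def build_match_body(user_text, size=10):
    """Build the search body as a Python structure and serialize it.

    json.dumps escapes quotes, backslashes and control characters, so the
    user text is always a single JSON string value and cannot change the
    structure of the query.  Inside a `match` query that value is analyzed
    as text, not parsed as Lucene query syntax.
    """
    body = {
        "size": size,
        "query": {
            "filtered": {  # wrapper kept from the question; `bool` replaces it on ES 5+
                "query": {
                    "match": {
                        "_all": {"query": user_text, "operator": "and"}
                    }
                }
            }
        },
    }
    return json.dumps(body)


def build_match_body_unsafe(user_text, size=10):
    """The anti-pattern: splice the user text into a JSON template."""
    return (
        '{"size": ' + str(size) + ', "query": {"filtered": {"query": {"match": '
        '{"_all": {"query": "' + user_text + '", "operator": "and"}}}}}}'
    )


def parse_body(body):
    """Parse a request body; json.loads keeps the last value of a duplicated key."""
    return json.loads(body)


def recovered_query_text(body):
    """Return the text that actually ends up in the match query."""
    return parse_body(body)["query"]["filtered"]["query"]["match"]["_all"]["query"]


def structure_preserved(user_text, builder):
    """True if the body is valid JSON and the user text is still the match text."""
    try:
        return recovered_query_text(builder(user_text)) == user_text
    except (ValueError, KeyError, TypeError):
        return False


# Reserved characters from the Elasticsearch query_string documentation.
# This escaping helper is an assumption of this example, not an ES API;
# '<' and '>' cannot be escaped at all, so they are removed.
QUERY_STRING_RESERVED = set('+-=&|!(){}[]^"~*?:\\/')


def escape_query_string(text):
    """Backslash-escape reserved characters for use inside a query_string query."""
    out = []
    for ch in text:
        if ch in "<>":
            continue
        out.append("\\" + ch if ch in QUERY_STRING_RESERVED else ch)
    return "".join(out)


if __name__ == "__main__":
    for text in SAMPLE_INPUTS + [INJECTION]:
        print(repr(text[:24]),
              "serializer:", structure_preserved(text, build_match_body),
              "concatenation:", structure_preserved(text, build_match_body_unsafe))
    print("query_string form of 'rock & roll':", escape_query_string("rock & roll"))
```

With the serializer every input, including the injection payload, comes back as exactly the text that was searched for. With concatenation `rock & roll` still works, which is why a sanitizer written for `&` and `+` only hurts results, but a single double quote yields invalid JSON and the injection payload yields a valid body whose `size` and `query` are attacker-chosen. How a given Elasticsearch version treats a duplicated key is its own question; the point is that the structure was no longer under the application's control.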
I see three more possible approaches to validating es against an inverted attack on the indexes (which are databases), in an attack similar to SQL injection:
1. How well do you know Lucene and how it handles attacks? Perusing the Lucene architecture and supporting code directly may give you insight into how es handles attacks.
2. Try a Solr approach, which also uses Lucene, and see how Solr handles attacks; Solr fell behind es, but has been catching up and improving in other areas; there are some interesting SWOT architectural comparisons between es and Solr.
3. Lay down part of the ELK stack, at least Kibana and es, and test Kibana, which may generate other es/Lucene code that you could test.