Robert Muir
33ca971d2b
SOLR-14020: move hadoop hacks out of lucene TestSecurityManager into a solr one
2019-12-05 14:53:23 -05:00
Andrzej Bialecki
d2b01ef28f
SOLR-13831: Context property _loop_iter_ should be a string in order to support
...
variable expansion.
2019-12-05 18:27:12 +01:00
Anshum Gupta
2387bb9d60
SOLR-13990: Switch out woodstox-core-asl with aalto-xml and upgrade woodstox stax-2 API ( #1050 )
2019-12-05 18:37:53 +05:30
Robert Muir
e77027dd8c
SOLR-13993: sandbox velocity template render (if security manager is enabled)
...
The solr permissions are weak sauce due to the huge number of features, third-party dependencies, etc.
Hence they have access to do many things. For "scripting" such as velocity we have to look at a more aggressive stance:
Step 1: Can we wrap a sandbox around the whole goddamn thing and call it a day?
Step 2: Let's separate the "engine" from "untrusted code" and only be an asshole to the latter.
Step 3: Java's security is shit, Lets contain that classloader and whitelist access.
2019-12-05 01:06:38 -05:00
Munendra S N
12e8cca644
SOLR-11706: add support for aggregation on multivalued fields
...
* min, max, sum, sumsq, avg, stddev, variance, percentile aggregations
in JSON facets now supports multivalued fields
2019-12-05 10:48:22 +05:30
Robert Muir
c4126ef858
SOLR-14015: remove blanket filesystem read access from solr-tests.policy
...
Restrict this to only minimal paths like lucene. It is the defense for directory traversal attacks.
It will also help find bad bugs where things are reading filesystem in the wrong locations.
2019-12-04 23:16:19 -05:00
Andrzej Bialecki
f71c2c8e92
SOLR-13981: Remove unused DistributedQueue interface. (Andras Salamon)
2019-12-04 11:23:49 +01:00
Ishan Chattopadhyaya
2096b1a52e
Add back-compat indices for 8.3.1
2019-12-04 10:17:27 +05:30
Ishan Chattopadhyaya
98c427f48a
Add bugfix version 8.3.1
2019-12-04 10:07:08 +05:30
Ishan Chattopadhyaya
3ee7a960b8
DOAP changes for release 8.3.1
2019-12-04 09:59:12 +05:30
Robert Muir
8f6921d47b
SOLR-14001: fix HDFS jaas on 32bit, unix, old jdk, etc
2019-12-03 23:12:27 -05:00
Robert Muir
becc16fb28
SOLR-14002: fix another static leak in test
2019-12-03 22:43:11 -05:00
Robert Muir
165529767b
SOLR-14000: clean up more static field leaks in tests
...
On windows, these objects can't be inspected due to security restrictions. So the test runner fails the tests since it does not know how big the leak is.
2019-12-03 18:51:00 -05:00
Jeff
16f793915e
SOLR-13926: javadocs on CompositeIdRouter
...
Closes #1009
2019-12-03 17:43:01 -05:00
Anshum Gupta
09df6647ac
SOLR-13998: Add thread safety annotations to classes ( #1053 )
2019-12-04 01:19:56 +05:30
David Smiley
323b214dc3
GitHub PR template: inform committers this can be removed
2019-12-03 12:23:30 -05:00
Dawid Weiss
0f61aa9516
Forbidden APIs: add missing root locale.
2019-12-03 13:07:23 +01:00
Dawid Weiss
6f0842eaa5
Use toLowerCase with an explicit locale in CheckLinksAndAnchors.
2019-12-03 13:01:43 +01:00
Robert Muir
9e5d11be8a
fix static leaks, null stuff out in afterclass
2019-12-03 06:28:19 -05:00
Robert Muir
c8c9c10023
SOLR-13982: set security-related http response headers by default
...
Unfortunately, as a first start this is very weak protection against
e.g. XSS. This is because some 'unsafe-xxx' rules must be present due
to the insecurity of angular JS: Until SOLR-13987 is fixed, XSS & co are
still easy.
2019-12-03 06:12:33 -05:00
Adrien Grand
441abb8319
Fix CHANGES formatting.
2019-12-03 11:28:36 +01:00
noble
a51c7b89f2
SOLR-13995: Move ZkShardTerms.Terms to SolrJ
2019-12-03 15:16:34 +11:00
Noble Paul
d8f9f47ca0
SOLR-13992: Refactor code to have collection, shard name in Replica,Slice ( #1051 )
...
* SOLR-13992: Refactor code to have collection name shard name in Replica,Slice
2019-12-03 13:10:19 +11:00
Robert Muir
aebf7f7a46
SOLR-13991: clean up permissions in solr-tests.policy AKA break all the tests to hell, please ping the issue for repeated test failures
2019-12-02 20:34:40 -05:00
Cassandra Targett
de1c9fb9e8
SOLR-13885: various Ref Guide typos. This closes #990
2019-12-02 13:33:45 -06:00
Mikhail Khludnev
eb3a4757ff
LUCENE-9073: IntervalQuery expose field on toString and explain
2019-12-02 19:12:05 +03:00
Bruno Roustant
71f1bc33b3
LUCENE-9045: Do not use TreeMap/TreeSet in BlockTree and PerFieldPostingsFormat.
...
Closes #1007
2019-12-02 14:30:24 +01:00
Robert Muir
2cd4a8ac9a
LUCENE-9076: give replicator its own policy rather than reusing solr policy
2019-12-02 06:55:02 -05:00
Robert Muir
1d238c844e
SOLR-13986: remove execute permission from solr-tests.policy
2019-12-02 05:36:29 -05:00
Shalin Shekhar Mangar
5a697344ed
SOLR-13805: NPE when calling /solr/admin/info/health on standalone solr
2019-11-30 10:04:00 +05:30
Jan Høydahl
936f4b6ee9
SOLR-13977: solr create -c not working under Windows 10
2019-11-29 01:22:06 +01:00
Jan Høydahl
48010ffc9f
Add 8.3.1 CHANGES entry for SOLR-13465, SOLR-13941 and SOLR-13905
2019-11-28 20:56:57 +01:00
David Smiley
6a72b81ed3
SOLR-13971: Revert changes to the default configset.
...
* clarified these are Java system properties
* trivial dead code change; Boolean.getBoolean returns a primitive
2019-11-28 10:45:58 -05:00
Bruno Roustant
b4cc3c6ad2
SOLR-13968: Support postingsFormat and docValuesFormat in schema fields.
...
Closes #1039
2019-11-28 16:13:10 +01:00
Atri Sharma
165f6b276c
Revert "LUCENE-8213: Asynchronous Caching in LRUQueryCache ( #916 )" ( #1044 )
...
This reverts commit 2d98a619dd
.
2019-11-28 20:18:52 +05:30
Atri Sharma
e4bd0f3624
Revert "Remove excessively strict assertion in testLRUConcurrentCachingAcrossSegments"
...
This reverts commit cc4f3802ef
.
2019-11-28 20:15:18 +05:30
Bruno Roustant
8bd5d7dd2e
LUCENE-8983: TestPhraseWildcardQuery more robust wrt randomization.
2019-11-28 12:55:56 +01:00
Ishan Chattopadhyaya
212593d362
SOLR-13971: Renamed the velocity template parameter names
2019-11-28 15:46:26 +05:30
Jan Høydahl
9f78482295
SOLR-13969: Clean up and document AuditEvent API ( #1041 )
2019-11-28 09:55:11 +01:00
Atri Sharma
cc4f3802ef
Remove excessively strict assertion in testLRUConcurrentCachingAcrossSegments
2019-11-28 09:42:21 +05:30
Ishan Chattopadhyaya
50e8cea918
SOLR-13971: Removing velocity from _default and disabling custom template support by default
2019-11-28 07:52:43 +05:30
Alan Woodward
bed694ec88
LUCENE-9062: QueryVisitor.consumeTermsMatching ( #1037 )
...
This commit adds a consumeTermsMatching() method to QueryVisitor, allowing
queries that match against a class of terms to report this back to the visitor. It also
changes highlighting code to use this new method, replacing the current implementation
via instanceof checks.
2019-11-27 16:28:19 +00:00
Andrzej Bialecki
47a908a0b9
Fix the list of common handler metrics.
2019-11-27 15:59:53 +01:00
iverase
9d374b69a3
Fix failing test due to a typo
2019-11-27 12:20:14 +01:00
Ignacio Vera
14dc678f39
LUCENE-9067: Polygon2D#contains is now thread safe ( #1040 )
...
Use a byte to handle the logic if a point lies on the boundary.
2019-11-27 12:09:23 +01:00
Bruno Roustant
8485b5a939
LUCENE-8983: Add PhraseWildcardQuery to control multi-terms expansions in phrase.
2019-11-27 10:53:45 +01:00
Benedict Jin
f70e21c91c
Fix typos in various comments and log msgs ( #1000 )
2019-11-27 10:34:00 +01:00
Harry Wood
451e2da779
Fix typo ( #934 )
...
Fix missing word. "one **which** has too many states"
2019-11-27 09:53:11 +01:00
Noa Horn
2a88b3dced
Fix error message ( #108 )
...
There was a missing space in error message
2019-11-27 09:29:03 +01:00
Rohan Bhargava
76d9297c11
made minor changes to docstring ( #234 )
2019-11-27 08:57:18 +01:00