epugh commented on code in PR #3737: URL: https://github.com/apache/solr/pull/3737#discussion_r2414000561
########## solr/bin/solr.in.cmd: ########## @@ -202,7 +202,7 @@ REM set SOLR_GZIP_ENABLED=true REM When running Solr in non-cloud mode and if planning to do distributed search (using the "shards" parameter), the REM list of hosts needs to be defined in an allow-list or Solr will forbid the request. The allow-list can be configured REM in solr.xml, or if you are using the OOTB solr.xml, can be specified using the system property "solr.allowUrls". -REM Alternatively host checking can be disabled by using the system property "solr.disable.allowUrls" +REM Alternatively host checking can be disabled by setting the system property "solr.security.allow.urls.enabled=false" REM set SOLR_OPTS=%SOLR_OPTS% -Dsolr.allowUrls=http://localhost:8983,http://localhost:8984 Review Comment: it hasn't been changed YET, but that was a bit what I was fishing for input.... I think `solr.security.allow.urls` works, as well as `solr.security.allow.paths`. My intent is that the two be backwards compatible, so that folks using `solr.allowUrls` would still work. There is another JIRA i just stumbled upon, https://issues.apache.org/jira/browse/SOLR-17267 that wants solr.xml settings to be configurable from enviornment/system properties. My hope is to make it so that the code that looks up settings from solr.xml will work if you do variable subsitution and have `solr.security.allow.urls` OR `solr.allowUrls`. And of course, logs a warning on if your solr.xml looks like: `<str name="allowUrls">${solr.allowUrls:}</str>` versus `<str name="allowUrls">${solr.security.allow.urls:}</str>`. What I haven't thought about is should the actual variable IN solr.xml move to dot notation? Today: ``` <str name="modules">${solr.modules:}</str> <str name="allowPaths">${solr.allowPaths:}</str> <str name="allowUrls">${solr.allowUrls:}</str> <str name="hideStackTrace">${solr.hideStackTrace:false}</str> ``` Future???? ``` <str name="solr.modules">${solr.modules:}</str> <str name="solr.security.allow.paths">${solr.allowPaths:}</str> <str name="solr.security.allow.urls">${solr.allowUrls:}</str> <str name="solr.responses.stacktrace.enabled">${solr.hideStackTrace:false}</str> ``` -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: [email protected] For queries about this service, please contact Infrastructure at: [email protected] --------------------------------------------------------------------- To unsubscribe, e-mail: [email protected] For additional commands, e-mail: [email protected]
