This is/was a security hole and a big anti-pattern.
Velocity is removed from the upcoming 9.0 release, so guess you're on your own
if you want to keep using it.
Jan
> 3. feb. 2022 kl. 08:58 skrev Schluchtmann, Jan Christopher
> :
>
> I need your help ...
>
> In SOLR 7.5 I was able to get hold
Hi,
The project produces official Docker images for every release, including our
own bugfix releases.
These images are based on an OpenJDK base image, which is again based on a
Linux base image.
Once in a while, when there is a serious bugfix in either Linux or Java the
Solr image gets re-built
> On Feb 3, 2022, at 3:03 AM, Jan Høydahl wrote:
>
> This is/was a security hole and a big anti-pattern.
Is this still possible in 8.x? If so, I think it would be worth putting in the
docs that it can be a security problem. I can probably do that.
Andy
The original question was cross posted to dev list (this list actually is
the better list for this question btw). I saw that one first and replied
there with a lot of detail on how this came to change. Here's what I wrote
there:
Before proceeding you should review
https://issues.apache.org/jira/br
This I would consider a bug.
Probably the easiest approach to stream data from the /export handler with
Solrj is to use a SolrStream to send a Streaming Expression that reads from
the export handler. This blog describes the approach:
https://lucidworks.com/post/streaming-expressions-in-solrj/
J
