Closed
Bug 943478
Opened 11 years ago
Closed 11 years ago
esFrontLine does not whitelist allowed indexes
Categories
(Testing :: General, defect)
Tracking
(Not tracked)
RESOLVED
FIXED
People
(Reporter: st3fan, Assigned: ekyle)
References
Details
On the test instance I was able to query indexes like org_chart131126_145625, reviews131125_034647 and telemetry_agg_valid_201302. It might be better to whitelist specific index names that are to be made publicly available. If the public bugs index is the only index that will be hosted in ES then that may not be needed. Although I think it would be a good safeguard for accidental mistakes.
Assignee | ||
Comment 1•11 years ago
|
||
added whitelist checking https://github.com/klahnakoski/esFrontLine/commit/bce133b1b12ff6792908489834ce3aa6c5afbee9#diff-4f1490608dfd64f043e4585063a302bdR31 test telemetry not allowed https://github.com/klahnakoski/esFrontLine/commit/bce133b1b12ff6792908489834ce3aa6c5afbee9#diff-4f1490608dfd64f043e4585063a302bdR31 test bugs index is allowed https://github.com/klahnakoski/esFrontLine/commit/bce133b1b12ff6792908489834ce3aa6c5afbee9#diff-4f1490608dfd64f043e4585063a302bdR31 added example of whitelist https://github.com/klahnakoski/esFrontLine/commit/39d7d78f54d8c19cd140b65c23174d21a44b70fd#diff-04c6e90faac2675aa89e2176d2eec7d8R61
Status: NEW → RESOLVED
Closed: 11 years ago
Resolution: --- → FIXED
You need to log in
before you can comment on or make changes to this bug.
Description
•