-
Notifications
You must be signed in to change notification settings - Fork 24.9k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Forbid index name .
and ..
#13862
Forbid index name .
and ..
#13862
Conversation
@xuzha - it looks good to me. Did you verify @divanikus's report first? I trust @divanikus but I figure its good to verify things like this. |
other possibilities like .., /, and \ could probably cause the same issue. |
I also think that other cases are possible. Most dangerous could be ".." or something like that. |
@nik9000 Thanks, I did verify this via TransportClient. I could create index with
In any case, we should forbid name with |
72f1d81
to
7b46b05
Compare
I dug a little bit into this... my idea was to check in
this would prevent any weird path there/is it sufficient? Update: This is still not sufficient as I thought, sorry for the noise. |
Thanks @spinscale, I think we still need to forbid these |
7b46b05
to
d0e4596
Compare
I'm fine with this as is - I don't think its strong enough but it gets us further and prevents some silly mistakes. |
Like - we should still think about preventing more bad index names in a more holistic way - but this isn't going to stop that. |
Like Nik said, this is definitely not strong enough, it just a start. If there is no objection, I would merge it in tomorrow. |
Fixes #13858