You are here: Foswiki>Tasks Web>Item408 (07 Dec 2008, KennethLavrsen)Edit Attach

Item408: WebSearchAdvanced has problems with quoted words and bookview is a server killer.

Priority: Normal
Current State: Closed
Released In: 1.0.0
Target Release: patch

Applies To: Engine
Component:
Branches:

Reported By: Foswiki:Main.KennethLavrsen
Waiting For: Main.KennethLavrsen
Last Change By: KennethLavrsen

There are two issues with WebSearchAdvanced

First it has same issue as WebSearch with the URLPARAM inside SEARCH without encode="quote".

Worse it has a feature called bookview.

This creates a search result with the entire content of the found topics.

The feature as such is OK used in controlled searches that returns few topics.

But on a generic search topic it fails. The search for "Skin" in System web times out in the browser. It takes almost a minute to return.

On a production server with many webs and topics a couple of bookview searches in all webs is enough to launch a DOS attack.

In public the feature is horrible.

I will simply remove the feature from the page. It cannot be used for much in practical life. The bookview feature as such is still in Foswiki. Just not visible to fumbling users and search engines and attackers.

I am also fixing a wrong link to simple search.

-- KennethLavrsen - 07 Dec 2008

ItemTemplate edit

Summary	WebSearchAdvanced has problems with quoted words and bookview is a server killer.
ReportedBy	Foswiki:Main.KennethLavrsen
Codebase
SVN Range	SVN 1197: Foswiki-0.9.0, Fri, 05 Dec 2008, build 1179
AppliesTo	Engine
Component
Priority	Normal
CurrentState	Closed
WaitingFor	KennethLavrsen
Checkins	distro:279b1c21b449
TargetRelease	patch
ReleasedIn	1.0.0