From: Mike Rylander Date: Tue, 21 Feb 2023 21:46:19 +0000 (-0500) Subject: Malicious search protect release notes X-Git-Url: https://old-git.evergreen-ils.org/?a=commitdiff_plain;h=d683e81e2068da3e54ee7165b3c01d7d46fc2c79;p=evergreen%2Fmasslnc.git Malicious search protect release notes Signed-off-by: Mike Rylander Signed-off-by: Jason Boyer --- diff --git a/docs/RELEASE_NOTES_NEXT/Architecture/Malicious-search-protection.adoc b/docs/RELEASE_NOTES_NEXT/Architecture/Malicious-search-protection.adoc new file mode 100644 index 0000000000..de67f38191 --- /dev/null +++ b/docs/RELEASE_NOTES_NEXT/Architecture/Malicious-search-protection.adoc @@ -0,0 +1,23 @@ +== Malicious Search Protection == + +Evergreen sometimes sees some "novel" query strings in the wild that +cause the search backend to time out or worse. These are sometimes +malicious and sometimes accidental, but the effect on users is the +same. + +The changes here improve query compilation in several respects in order +to reduce the chances of an overly complex query causing problems for +the search subsystem. + +More work is done up front to simplify and combine parts of the +resulting SQL, allowing more work to be done closer to the data. +This change allows Evergreen to handle many more tested or chained +boolean expressions, and negated terms are now handled directly in +line with other adjacent terms. Phrases (exact matches) are now +searched for using Postgres' adjacency tsearch operator. + +All of these changes work together to improve performance by getting +more search work done in fewer database operations while protecting +against certain query constructs that have caused problems in the +past. +
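Review bot: In the third paragraph of the new file, "many more tested or chained boolean expressions" looks like a typo for "nested or chained"; as written, "tested" does not describe a query shape. The closing paragraph refers to "certain query constructs that have caused problems in the past" without naming any, so an administrator cannot tell from the note which searches are affected. Consider tying that sentence back to the constructs the note already mentions (nested or chained boolean expressions, negated terms, phrases), and stating whether phrase searches can return different results now that they use the adjacency tsearch operator. The file also ends with an empty added line that can be dropped.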