WARNING: Version 5.x has passed its EOL date.
This documentation is no longer being maintained and may be removed. If you are running this version, we strongly advise you to upgrade. For the latest information, see the current release documentation.
Tips and Tricks
editTips and Tricks
editThis page lists some general tips and tricks provided by the community
Posting Elasticsearch queries from JavaScript
editConsider a scenario where you are using client side libraries like elasticjs
but want security to be provided by server side business logic. Consider this example using WebAPI
WARN: make sure dynamic scripting is turned off if you decide to open the full query DSL to the client!
[RoutePrefix("api/Search")] public class SearchController : ApiController { [ActionName("_search")] public IHttpActionResult Post([FromBody]SearchDescriptor<dynamic> query) {; var client = new ElasticClient(); //Your server side security goes here var result = client.Search(q => query); return Ok(result); } }
The fragments [RoutePrefix("api/Search")]
and [ActionName("_search")]
will let you change your elastic search Url
from http://localhost:9200/_search
to http://yourwebsite/api/Search/_search
and let things work as normal.
The fragment [FromBody]SearchDescriptor<dynamic> query
will convert the JSON query into NEST SearchDescriptor.
The fragment client.Search(q => query)
will execute the query.