diff --git a/solr-security-proxy.js b/solr-security-proxy.js index df63756..12ded7f 100644 --- a/solr-security-proxy.js +++ b/solr-security-proxy.js @@ -6,6 +6,29 @@ var httpProxy = require('http-proxy'), optimist = require('optimist'), SolrSecurityProxy = exports; +/* + * Preprocess query parameters to handle Solr local parameters containing special symbols + */ +function preprocessQueryParams(query) { + var processedQuery = {}; + Object.keys(query).forEach(function(key) { + if (key === 'facet.field') { + // Handle facet.field as string or array + var fields = Array.isArray(query[key]) ? query[key] : [query[key]]; + processedQuery[key] = fields.map(function(field) { + if (typeof field === 'string' && field.match(/^{!.*}/)) { + var match = field.match(/^{!.*?}(.*)$/); + return match ? match[1] : field; + } + return field; + }); + } else { + processedQuery[key] = query[key]; + } + }); + return processedQuery; +} + /* * Returns true if the request satisfies the following conditions: * - HTTP method (eg. GET,POST,..) is not in options.invalidHttpMethods @@ -13,12 +36,17 @@ var httpProxy = require('http-proxy'), * - All request query params (eg ?q=, ?stream.url=) not in options.invalidParams */ var validateRequest = function(request, options) { - var parsedUrl = url.parse(request.url, true), - path = parsedUrl.pathname, + var parsedUrl = url.parse(request.url, true); + parsedUrl.query = preprocessQueryParams(parsedUrl.query); + request.url = url.format({ + pathname: parsedUrl.pathname, + query: parsedUrl.query + }); + var path = parsedUrl.pathname, queryParams = Object.keys(parsedUrl.query); return options.invalidHttpMethods.indexOf(request.method) === -1 && - options.validPaths.indexOf(parsedUrl.pathname) !== -1 && + options.validPaths.indexOf(path) !== -1 && queryParams.every(function(p) { var paramPrefix = p.split('.')[0]; // invalidate not just "stream", but "stream.*" return options.invalidParams.indexOf(paramPrefix) === -1;