Verity search engine security

I am wondering if there are any security risks with submitting a form entered search and the <cfsearch tag? Currently I'm filtering to allow only alphanumeric characters plus one or two others, but presumably if characters such as angle brackets < > have special meaning to the search engine it is not possible to inject malicious code?
Any help with this and guidance as to where there is a concise explanation of Verity search criteria with examples would be most welcome.
Thanks

oh this is the code
<CFINDEX
collection="collectcmi "
action="refresh"
type="PATH"
key="D:\www\"
extensions=".html, .htm, .cfm, .cfml"
language="spanish"
recurse="yes"
urlPath="
http://mywebsite"
>

Similar Messages

  • Verity search engine or Google Mini?

    Im setting up a website for a medium sized business and havnt
    implemented the Coldfusion Verity search into the site yet... but I
    was looking over the Google Mini and seems like an nice/intuitive
    nice little box.
    Should I go with the $2000 mini price tag if the company
    wants effecient search results?

    Do a malware check with some malware scan programs.<br />
    You need to scan with all programs because each program detects different malware.<br />
    Make sure that you update each program to get the latest version of the database before doing a scan.<br />
    * http://www.malwarebytes.org/mbam.php - Malwarebytes' Anti-Malware
    * http://www.superantispyware.com/ - SuperAntispyware
    * http://www.microsoft.com/windows/products/winfamily/defender/default.mspx - Windows Defender: Home Page
    * http://www.safer-networking.org/en/index.html - Spybot Search & Destroy
    * http://www.lavasoft.com/products/ad_aware_free.php - Ad-Aware Free
    See also "Spyware on Windows": http://kb.mozillazine.org/Popups_not_blocked and [[Searches are redirected to another site]]

  • Verity Search Error

    I just started a Verity search engine for a very large site,
    and have gotten the following error message a couple of times:
    There was a problem while attmpting to perform a search.
    Query has a parsing error. (-40)
    at com.verity.k2.K2Search.receive(Unknown Source)
    at com.verity.search.ProcessSearch.processNormal(Unknown
    Source)
    at com.verity.search.ProcessK2Operation.submit(Unknown
    Source)
    at com.verity.search.VSearch.getPSearch(Unknown Source)
    at com.verity.search.VSearch.getResult(Unknown Source)
    at
    coldfusion.tagext.search.SearchTag.doSearch(SearchTag.java:260)
    at
    coldfusion.tagext.search.SearchTag.doStartTag(SearchTag.java:157)
    at
    coldfusion.runtime.CfJspPage._emptyTag(CfJspPage.java:1908)
    at cfsearch2ecfm246570528._factor0(...\search.cfm:36)
    at cfsearch2ecfm246570528._factor5(...\search.cfm:30)
    at cfsearch2ecfm246570528.runPage(...\search.cfm:1)
    at coldfusion.runtime.CfJspPage.invoke(CfJspPage.java:152)
    at
    coldfusion.tagext.lang.IncludeTag.doStartTag(IncludeTag.java:343)
    at
    coldfusion.filter.CfincludeFilter.invoke(CfincludeFilter.java:65)
    at
    coldfusion.filter.ApplicationFilter.invoke(ApplicationFilter.ja...
    <br>The error occurred on line 36.
    The tag for the search is as follows:
    <cfsearch collection="#form.collect#" language="English"
    type="SIMPLE" criteria="#Session.searchTerm#"
    name="Session.results">
    on line 36.
    I have not been able to reproduce the error, and there isn't
    anything strange about the search terms submitted.
    This is the first time I've used Verity, and would appreciate
    any words of wisdom as to what might be the cause of this error,
    and how to eliminate it.

    ok the value is 0
    but i am not sure what that means, i havnt used verity
    before?
    can you help
    just to let you know what i need to do,
    i have a results page which show 1 surname with all that
    persons information, on the same page there is a search by surname
    text box, when this is submited i need to move to the first recoed
    that matches the text box, so then i can still use the next and
    previous buttons to navigate through.
    so really what i need to do is get all the records order them
    by surname then give each of them a id number
    so Abbot = 1, Adcock= 2 etc
    then i should be able to use the next and previous to go
    through them?
    i am just not sure how i can do this?
    hope you can usnderstand what i am trying to do.
    many thanks

  • How to improve the performance for integrating third party search engine

    hi,
    I have been working on integrating verity search engine with KM. the performance for retrieving search result totally depend on how many search result returned, for example if there is less than 10 records, it only takes 3 seconds, but if there are 200 records, it takes about 3 minutes, is it normal? anyway to improve it? Thanks!
    T.J.

    Thilo,
    thanks for the response, would you recommend some document for configuring KM cache service, I did change memory cache, and also dynamic web reposity, whatelse out there that I can change? right now, I have one instance(EP6.4 sp11) works well, it returns 200 records from Stellent within 6s. But when I put this KM global service on EP6.0 sp2 (our current system) it takes about 15s. I am not sure is this because of different EP version, or something else. I have tried my best to slim down SOAP component from Stellent. I don't think anything else can be done from that side anymore. before I changed the SOAP, it tooks about 60s. just wonder what else I can do on KM side to improve it performance? Thanks!
    T.J.

  • Issues with integrating third party search engine

    hi,
    I have two issues.
    1. my integration with Stellent verity search engine is working for the first time, but when I search again, nothing return, even on the same search criteria. I wonder something wrong with session object, please explain how session, rawsession object works related to getSearchResult(). session object is returned instead rawsession in executeQueryWithSession(), even though rawSearchResult has been set on rawSession.
    2. it is very slow for the search result to return, though all the URL are valid. any way to improve the speed?
    thanks!
    T.J.

    Hi T.J.,
    the session object itself is normally not the problem. Have you checked that your dynamic WebRM has ha valid cache life time? Nevertheless the cache for the dynamic WebRM should have a life time value of at least 1 min or more (depending on how long you expect your users to browse on the search result)
    The performace of the federated search depends on the call time to each connected search engine. It can currently only speed up by the implementation of your search engine. Try to measure the connect time from the IndexService implementation to the search engine. In most cases this is the bottle neck.
    Regards,
    Thilo
    Message was edited by: Thilo Brandt

  • What search engines does iPlanet Portal support

     

    iPlanet Portal Server facilitates search services by integrating iPlanet Compass Server with it.
    iPlanet Compass Server has built-in search engine and also Verity search engine forms part of it.
    For further references, look it in to the following URL:
    http://docs.iplanet.com/docs/manuals/compass.html
    -SaralaVijay

  • Search Engine Conversion Filters

    Does each service pack of iplanet/sun one web server install newer conversion filters for the search engine (word, excel, pdf etc.)? Generally, how new are these filters compared to data formats (Office XP etc.)?
    We are running iplanet 6 sp2 and the search engine seems to stumble with newer ms office and acrobat files. I have not been able to find any documentation whatsoever on obtaining and installation newer conversion filters. Any help would be greatly appreicated.
    mojo

    Typically the filters included in Service Packs are not changed unless there is a defect that needs addressing.
    The SunONE Web Server uses the Verity search engine. Filters that work with Verity's offerings should work with SunONE WS.

  • Iplanet search engine

    I have been trying to get newer conversion filters for MS Word and MS Excel documents for out installation of iplanet 6 sp2. I only just noticed that iplanet search isn't using any converson filters for these documents at all (if I look at the html converted text, its the same as what you would see in notepad when opening a Word or Excel documents).
    Has anyone had any success at all getting netscape/iplanet/sun one search to properly index Word and Excel documents? How can I get conversion filters for these documents and how can I install them?
    Any help would be greatly appreciated.
    mojo

    The SunONE Web Server uses the Verity Search Engine. Filters that work with the Verity engine should work with SunONE WS as well.

  • Has anyone integrated other search engine?

    My organization has an enterprise license to use the Verity search engine, and so we would like to use this rather than InterMedia.
    Is this possible? -- ie, can other search engines be integrated into Portal. And if so, where can I find some guidance for doing this?
    Thanks!
    Brian Downs

    I came across information in the Oracle Portlet catalog the other day, and I saw something about Verity. For more information, go to the following site:
    http://portalstudio.oracle.com/servlet/page?_pageid=1639&_dad=ops&_schema=OPSTUDIO
    Do a keyword search on "Verity" and you will see the details about the portlet.

  • Wondering if I should upgrade from OS 10.6.8 to yosemite as search engines are acting a little weird - fan can come on, slow to shut down and also concerned about Security as my OS is older and no longer upgraded etc...?

    Problem description:
    Wondering if I should upgrade to Yosemite from Mac pro 10.6.8  as search engines are not always responding well - Fan comes on with firefox/safari is not always responding on some sites - also concerned about security issues as my system is older and not able to receive ? I have used etrecheck and copied results here - Any help/suggestions much appreciated  - Thanks kindly!
    EtreCheck version: 2.1.8 (121)
    Report generated February 7, 2015 10:41:15 AM EST
    Download EtreCheck from http://etresoft.com/etrecheck
    Click the [Click for support] links for help with non-Apple products.
    Click the [Click for details] links for more information about that line.
    Hardware Information: ℹ️
        MacBook Pro (13-inch, Early 2011) (Technical Specifications)
        MacBook Pro - model: MacBookPro8,1
        1 2.3 GHz Intel Core i5 CPU: 2-core
        4 GB RAM
            BANK 0/DIMM0
                2 GB DDR3 1333 MHz ok
            BANK 1/DIMM0
                2 GB DDR3 1333 MHz ok
        Bluetooth: Old - Handoff/Airdrop2 not supported
        Wireless:  en1: 802.11 a/b/g/n
        Battery Health: Normal - Cycle count 303
    Video Information: ℹ️
        Intel HD Graphics 3000 - VRAM: 384 MB
            Color LCD 1280 x 800
    System Software: ℹ️
        Mac OS X 10.6.8 (10K549) - Time since boot: 1:24:41
    Disk Information: ℹ️
        Hitachi HTS545032B9A302 disk0 : (298.09 GB)
            - (disk0s1) <not mounted> : 210 MB
            Macintosh HD (disk0s2) / : 319.73 GB (198.41 GB free)
        OPTIARC DVD RW AD-5970H
    USB Information: ℹ️
        Apple Inc. FaceTime HD Camera (Built-in)
        Apple Inc. BRCM2070 Hub
            Apple Inc. Bluetooth USB Host Controller
        Apple Inc. Apple Internal Keyboard / Trackpad
        Apple Computer, Inc. IR Receiver
    Thunderbolt Information: ℹ️
        Apple, Inc. MacBook Pro
    Configuration files: ℹ️
        /etc/hosts - Count: 15
    Kernel Extensions: ℹ️
            /System/Library/Extensions
        [not loaded]    com.olympus.DSSBlockCommandsDevice (1.1.0) [Click for support]
    Problem System Launch Daemons: ℹ️
        [not loaded]    org.samba.winbindd.plist [Click for support]
    Launch Agents: ℹ️
        [not loaded]    com.adobe.AAM.Updater-1.0.plist [Click for support]
        [loaded]    com.adobe.CS5ServiceManager.plist [Click for support]
    Launch Daemons: ℹ️
        [loaded]    com.adobe.fpsaud.plist [Click for support]
        [loaded]    com.adobe.SwitchBoard.plist [Click for support]
        [loaded]    com.microsoft.office.licensing.helper.plist [Click for support]
    User Launch Agents: ℹ️
        [loaded]    com.adobe.AAM.Updater-1.0.plist [Click for support]
        [loaded]    com.adobe.ARM.[...].plist [Click for support]
        [loaded]    com.google.keystone.agent.plist [Click for support]
    User Login Items: ℹ️
        Flux    Application  (/Applications/Flux.app)
    Internet Plug-ins: ℹ️
        JavaAppletPlugin: Version: 13.9.8 - SDK 10.6 Check version
        FlashPlayer-10.6: Version: 16.0.0.305 - SDK 10.6 [Click for support]
        QuickTime Plugin: Version: 7.6.6
        AdobePDFViewerNPAPI: Version: 10.1.12 [Click for support]
        AdobePDFViewer: Version: 10.1.12 [Click for support]
        DivXBrowserPlugin: Version: 1.4 [Click for support]
        Flash Player: Version: 16.0.0.305 - SDK 10.6 [Click for support]
        SharePointBrowserPlugin: Version: 14.1.0 [Click for support]
        Google Earth Web Plug-in: Version: 7.1 [Click for support]
        Silverlight: Version: 4.1.10329.0 [Click for support]
        iPhotoPhotocast: Version: 7.0 - SDK 10.7
    Audio Plug-ins: ℹ️
        iSightAudio: Version: 7.6.6
    3rd Party Preference Panes: ℹ️
        Flash Player  [Click for support]
        Growl  [Click for support]
    Time Machine: ℹ️
        Time Machine information requires OS X 10.7 "Lion" or later.
    Top Processes by CPU: ℹ️
             7%    WindowServer
             1%    plugin-container
             1%    firefox
             0%    fontd
             0%    Flux
    Top Processes by Memory: ℹ️
        515 MB    firefox
        52 MB    mds
        43 MB    WindowServer
        43 MB    Finder
        34 MB    plugin-container
    Virtual Memory Information: ℹ️
        2.14 GB    Free RAM
        745 MB    Active RAM
        475 MB    Inactive RAM
        929 MB    Wired RAM
        231 MB    Page-ins
        0 B    Page-outs
    Diagnostics Information: ℹ️
        Feb 7, 2015, 09:16:09 AM    Self test - passed

    ... Fan comes on with firefox/safari is not always responding on some sites -
    An SMC reset may resolve the otherwise inexplicable fan behaviour. Be sure to read the procedure carefully and follow all the steps exactly as written, even if they seem inapplicable or trivial.
    Fixing a modified Hosts file requires specific instructions. Apple Support Communities contributor and EtreCheck author etresoft recently added a User Tip discussing that concern, and how to correct it: Fixing a hacked /etc/hosts file
    Back up your Mac prior to making any changes to its file system. To learn how to use Time Machine read Mac Basics: Time Machine backs up your Mac.

  • Safari Version 6.0.2 (7536.26.17)  Yahoo security - Using Yahoo search engine: while logged into Yahoo my entire screen gets taken over by a full page popup add/i've cleared histories

    Safari Version 6.0.2 (7536.26.17)
    I believe my problems stem from the public side of Yahoo where I go to open my Yahoo Email account, and/or from the file I get in
    email.
    Yahoo security - Using Yahoo search engine: while logged into Yahoo my entire screen gets taken over by a full page popup add/i've cleared histories & cookies & flash cookies but the problem returns, sometimes right away, sometime on the next log on … what to do … . I’ve heard of this problem being called a form of ‘yahoo mail hijacking’.
    Yahoo is better than Google right now. While using Google as a search engine and logged into Yahoo-mail the page elevator (up& down) bar actually freezes, a dead giveaway that something is up. So far nothing I do will stop the page elevator from freezing when I'm using the Google search engine. I either have to use the Yahoo or Bing search engines.
    MacPro w/OS X ver 10.7.5 & Norton Internet Security 5 for Mac ver 12.4 (73) /  I update Norton security at least 3-times a day. I thing I get the bug when I log onto my Yahoo Email and go through my emails. When problems get constant I Reset Safari then run flush to burn flash cookies. What else can I do?
    Yahoo wanted $58-bucks for a consult, that’s ********. You would think Yahoo would want to be advised of ongoing Yahoo Searchengine / Yahoo Email problems, and want to help there users with ongoing problems. Sure they will help me with their problem for $58, and probably even suggest even less than what I am already doing on my own.

    It's hard to tell from your description what is going on, but try this first.
    Quit Safari. If it won't quit in the usual way, select
     ▹ Force Quit...
    from the menu bar, then select Safari from the list and press return.
    Relaunch Safari by holding down the shift  key and clicking its icon in the Dock. That will stop the bad page from reloading automatically. From the menu bar, select
    Safari ▹ Preferences... ▹ Privacy ▹ Remove all website data
    to get rid of any cookies or other data left by the server. Open your Downloads folder and delete anything you don't recognize.
    Also get rid of the useless Norton crapware, after backing up all data.
    Uninstalling your Norton product for Mac

  • Verity VDK 6 search engine not working...

    I recently installed the VERITY.VDK.6 search engine component and I'm obtaining the following error upon any search performed:
    > Unable to attach collection 'c:/oracle/ucm/server/search/index2/intradocbasic/'. Improper object type.
    > Event generated by user 'sysadmin' at host 'ecmvm'. intradoc.common.ServiceException: Improper object type. intradoc.common.ServiceException: Improper object type.
    Upon installation of the component, before restarting the server, I added the following lines to the config.cfg file:
    > SearchIndexerEngineName=VERITY.VDK.6
    > VerityLocale=englishv
    This is the only thing you need to add to the config.cfg file, right? Or this one as well if you want the search index to rebuild upon restart instead of manually:
    > SearchIndexerEngineName:Rebuild
    ...right?
    Additionally, when I go to the Repository Manager admin applet, to the Indexer tab, starting either the Automatic Update Cycle or the Collection Rebuild Cycle function triggers the following error:
    > Indexing aborted. The active collection cannot be accessed but document 000003 (dID=4) indicates that it is indexed in this collection. File 'c:/oracle/ucm/server/search/index1/intradocbasic/style/style.ufl' does not exist.
    Once again, the lack of clear product documentation might have lead me to performing some mistake during the installation... Any ideas to what might be causing this?
    Thanks in advance...
    - Tiago Dias

    Update: After some restarts I found that adding just SearchIndexerEngineName:Rebuild in the config.cfg file doesn't really work (wrong syntax?) and interestingly I found that if one "insists" on the Collection Rebuild Cycle function it eventually works and the searching now works...
    So... problem solved, hope this will help someone in the future.

  • Why do I get the google search engine? Whole point was to get rid of google due to security issues.

    Due to the change in Google privacy I wanted a more secure search engine. Firefox was suggested. Downloaded it, but when I click on the Firefox button, it brings up Google (along with the privacy changes alert). Is Firefox really protecting me? I assumed Firefox was an independent search engine.
    Yes, I have set up the "do not track me" security in Firefox.

    Why do all the "about:config" stuff when the Firefox help page tells us to click on the symbol in the left corner of the search box and pick another search engine. If the one you want isn't there, click "manage search engines" and you can add one.

  • Search engine using Verity

    I want to build a search engine for my site, I'm told that i
    can do this using Verity. How on earth do I go about this? Where I
    start from.....I'm a newbie to CFML. Thanks a bunch!

    Check out
    http://livedocs.macromedia.com/coldfusion/6/Developing_ColdFusion_MX_Applications_with_CFM L/indexSearch02.htm

  • Verity K2 Search Engine

    Has anyone implented the K2 search engine off off an Orcale database on a Solaris platform using a non-ODBC connection??? Need help on how to construct the gateway connection?

    Check out
    http://livedocs.macromedia.com/coldfusion/6/Developing_ColdFusion_MX_Applications_with_CFM L/indexSearch02.htm

Maybe you are looking for