New

The executive guide to generative AI

Read more
About usPartnersSupport|Login

WARNING: Version 5.x has passed its EOL date.

This documentation is no longer being maintained and may be removed. If you are running this version, we strongly advise you to upgrade. For the latest information, see the current release documentation.

« Writing Queries Core »
Elastic Docs Elasticsearch.Net and NEST: the .NET clients [1.x] NEST

Tips and Tricks

edit
IMPORTANT: This documentation is no longer updated. Refer to Elastic's version policy and the latest documentation.

Tips and Tricks

edit

This page lists some general tips and tricks provided by the community

Posting Elasticsearch queries from JavaScript

edit

Consider a scenario where you are using client side libraries like elasticjs but want security to be provided by server side business logic. Consider this example using WebAPI

WARN: make sure dynamic scripting is turned off if you decide to open the full query DSL to the client!

[RoutePrefix("api/Search")]
public class SearchController : ApiController
{
    [ActionName("_search")]
    public IHttpActionResult Post([FromBody]SearchDescriptor<dynamic> query)
    {;
        var client = new ElasticClient();

        //Your server side security goes here

        var result = client.Search(q => query);
        return Ok(result);
    }
}

The fragments [RoutePrefix("api/Search")] and [ActionName("_search")] will let you change your elastic search Url from http://localhost:9200/_search to http://yourwebsite/api/Search/_search and let things work as normal. The fragment [FromBody]SearchDescriptor<dynamic> query will convert the JSON query into NEST SearchDescriptor. The fragment client.Search(q => query) will execute the query.

« Writing Queries Core »

On this page

Was this helpful?
Feedback