> ## Documentation Index
> Fetch the complete documentation index at: https://doc.lucidworks.com/llms.txt
> Use this file to discover all available pages before exploring further.

# Restrictive Mode

export const LwTemplate = ({title = "Key questions to get you started", icon = "sparkles", cta = "Powered by Agent Studio", linkHref = "https://lucidworks.com/demo/?utm_source=docs&utm_medium=referral&utm_campaign=docs_cta_ai"}) => {
  const [isLoaded, setIsLoaded] = useState(false);
  useEffect(() => {
    const timer = setTimeout(() => {
      setIsLoaded(true);
    }, 500);
    return () => clearTimeout(timer);
  }, []);
  return <div className="lw-template-container">
      <Card title={title} icon={icon}>
        {isLoaded && <span dangerouslySetInnerHTML={{
    __html: `<lw-template id="a029c1a9-28be-427e-b0e1-5d918920246a"></lw-template
            >`
  }} />}
        <Link href={linkHref} className="agent-studio-link text-left text-gray-600 gap-2 dark:text-gray-400 text-sm font-medium flex flex-row items-center hover:text-primary dark:hover:text-primary-light group-hover:text-primary group-hover:dark:text-primary-light">Powered by Lucidworks Agent Studio</Link>
      </Card>
    </div>;
};

Restrictive mode safeguards the pipeline against unintended or unsafe changes. You can enable restrictive mode for any query pipeline.

<Note>
  This feature is available starting in Lucidworks Search 5.9.15.
</Note>

The default mode is permissive mode.

When a query pipeline is in restrictive mode:

* **Only certain query parameters are allowed.**\
  Restrictive mode blocks parameters that could be used destructively.

* **Strict parameter validation and sanitization is applied.**

  * In the `q` parameter, no Solr syntax is allowed.
    This prevents injection attacks that could expose sensitive data.
  * The `rows` and `start` parameters are limited to a maximum of 100.
  * The `sort` parameter is limited to known, sortable fields.
  * Facet parameters are prevented from triggering expensive faceting operations.

<LwTemplate />

## Enabling restrictive mode

You can enable restrictive mode for any individual pipeline, in the Query Pipelines panel.

<Accordion title="How to enable restrictive mode">
  1. Navigate to **Query** > **Query Pipelines**.
  2. Select the pipeline you want to secure.
  3. In the **Parameter Validation** field, select **Restrictive**.

  <img src="https://mintcdn.com/lucidworks/zu0pV9aZMhAFscBD/assets/images/5.9/restrictive-mode-enable.png?fit=max&auto=format&n=zu0pV9aZMhAFscBD&q=85&s=0d99cf4bea05e601910b53393afefcc5" alt="Parameter Validation field in the Query Pipelines panel" width="1420" height="624" data-path="assets/images/5.9/restrictive-mode-enable.png" />
</Accordion>

## Allowed parameters

The parameters listed below are allowed in restrictive mode.
All other parameters are prohibited.

* `bf`
* `boost`
* `bq`
* `callback`
* `collection`
* `context`
* `cursorMark`
* `debug`
* `defType`
* `echoParams`
* `explainOther`
* `facet.field`
* `facet.limit`
* `facet.mincount`
* `facet.pivot`
* `facet.query`
* `facet.range`
* `facet.sort`
* `facet`
* `fl`
* `fq`
* `hl.fl`
* `hl.fragsize`
* `hl.simple.post`
* `hl.simple.pre`
* `hl.snippets`
* `hl`
* `indent`
* `json.facet`
* `json.nl`
* `json.wrf`
* `mm`
* `omitHeader`
* `pf`
* `ps`
* `q`
* `qf`
* `qs`
* `queryProfileID`
* `requestHandler`
* `rows`
* `segmentTerminateEarly`
* `sort`
* `start`
* `tie`
* `timeAllowed`
* `wt`
