Broken CQL filter list: exception, but status code 200

Hi everyone,

I am involved with a geoserver (2.25.2, Ubuntu 22.04, Corretto 11) instance that occasionally receives WFS requests with syntactically broken CQL.

The response in such a case nicely explains what is wrong, like this:

<?xml version="1.0" ?>
<ServiceExceptionReport ...>
    <ServiceException>
      Could not parse CQL filter list.
Encountered &quot;&lt;EOF&gt;&quot; at line 1, column 4.
Was expecting one of:
...
     Parsing : crap.
</ServiceException>
</ServiceExceptionReport>

for a request to /geoserver/wfs/wfs?...&CQL_FILTER=crap&... (obviously simplifying the real requests here).

However, I was kind of surprised that the response code is 200, and I wonder if this is expected behavior. To me, it would seem like a clear 400 (“malformed syntax” in RFC 7231 hits the nail on the head).

In the server logs, I can see where the ServiceException is thrown:

ERROR  [geoserver.ows] -
org.geoserver.platform.ServiceException: Could not parse CQL filter list.
        at org.geoserver.ows.kvp.CQLFilterKvpParser.parse(CQLFilterKvpParser.java:32)
        at org.geoserver.ows.util.KvpUtils.parse(KvpUtils.java:438)
        at org.geoserver.ows.Dispatcher.parseKVP(Dispatcher.java:1533)
        at org.geoserver.ows.Dispatcher.parseKVP(Dispatcher.java:1529)
        at org.geoserver.ows.Dispatcher.init(Dispatcher.java:320)
        at org.geoserver.ows.Dispatcher.handleRequestInternal(Dispatcher.java:239)
...

Looking at the code from the stacktrace, the Dispatcher class seems to have a mechanism for transforming exceptions of type HttpErrorCodeException into an HttpServletResponse with the corresponding error code. However, ServiceException is not a subclass of HttpErrorCodeException. (In fact, I failed to find any subclasses of it at all.)

Best regards,
Oliver

Classic OGC services are more SOAP like than REST like and won’t return a
suitable HTTP error status, it’s up to you to check the response mime type
and verify if it’s a service exception or a feature payload.

Cheers
Andrea

Il ven 13 set 2024, 10:46 Oliver Kaleske via OSGeo Discourse <
noreply@discourse.osgeo.org> ha scritto:

o5k6 https://discourse.osgeo.org/u/o5k6
September 13

Hi everyone,

I am involved with a geoserver (2.25.2, Ubuntu 22.04, Corretto 11)
instance that occasionally receives WFS requests with syntactically broken
CQL.

The response in such a case nicely explains what is wrong, like this:

<?xml version="1.0" ?>

<ServiceExceptionReport …>

Could not parse CQL filter list.
Encountered "<EOF>" at line 1, column 4.
Was expecting one of:

Parsing : crap.

for a request to /geoserver/wfs/wfs?..&CQL_FILTER=crap&… (obviously
simplifying the real requests here).

However, I was kind of surprised that the response code is 200, and I
wonder if this is expected behavior. To me, it would seem like a clear 400
(“malformed syntax” in RFC 7231 hits the nail on the head).

In the server logs, I can see where the ServiceException is thrown:

ERROR [geoserver.ows] -
org.geoserver.platform.ServiceException: Could not parse CQL filter list.
at org.geoserver.ows.kvp.CQLFilterKvpParser.parse(CQLFilterKvpParser.java:32)
at org.geoserver.ows.util.KvpUtils.parse(KvpUtils.java:438)
at org.geoserver.ows.Dispatcher.parseKVP(Dispatcher.java:1533)
at org.geoserver.ows.Dispatcher.parseKVP(Dispatcher.java:1529)
at org.geoserver.ows.Dispatcher.init(Dispatcher.java:320)
at org.geoserver.ows.Dispatcher.handleRequestInternal(Dispatcher.java:239)

Looking at the code from the stacktrace, the Dispatcher class seems to
have a mechanism for transforming exceptions of type
HttpErrorCodeException into an HttpServletResponse with the corresponding
error code. However, ServiceException is not a subclass of
HttpErrorCodeException. (In fact, I failed to find any subclasses of it
at all.)

Best regards,
Oliver

Visit Topic
https://discourse.osgeo.org/t/broken-cql-filter-list-exception-but-status-code-200/50923/1
or reply to this email to respond.

To unsubscribe from these emails, click here
https://discourse.osgeo.org/email/unsubscribe/fc12c35291eac1a1721a456f098681821b45f9089e717b3ff03381d36a13e045
.

Ciao Andrea,
not exactly the answer I was hoping for :wink: but thanks a lot for clarifying.
Best regards
Oliver

CITE is the specific test we need to pass in order to implement WFS.

It may be nice to have a “anti-cite” mode that breaks compatibility in this case :slight_smile: (to be more normal).