[Geoserver-devel] Restrict WMS GetMap output formats

Hi all

A customer of mine wants to sponsor WMS GetMap output format restrictions and I want to start this work during the weekend.

The theme is not a new one, I found some mail threads

http://osgeo-org.1560.x6.nabble.com/WMS-output-format-restrictions-td3796402.html

http://sourceforge.net/p/geoserver/mailman/geoserver-users/thread/1389872872516-5098375.post@anonymised.com/

There is also an issue about the topic

http://jira.codehaus.org/browse/GEOS-4592

My investigations so far

  1. GEOS-4592 proposes a black listing of formats. I would prefer a white listing of mime types. Implementations of org.geoserver.wms.GetMapOutputFormat are injected by Spring and as consequence, output formats can be added by extensions.

  2. I would like to store the white list in org.geoserver.wms.WMSInfo like the “Limited SRS list”. An empty white list means all formats are allowed (this is the default).

  3. I think I can find all supported mime types by retrieving all implementations of GetMapOutputFormat form the Spring context and collecting the result of the method getMimeType(). On the WMSAdminPage I would implement a CheckBox “Allowed mime types”. The default value of this CheckBox is unchecked. If checked, I want dynamically add a list of check boxes representing each mime type .

  4. If the white list is not empty, the WMS capabilities document contains only allowed format names, retrieved by GetMapOutputFormat.getOutputFormatNames().

  5. A nice place to check the mime type would be org.geoserver.wms.GetMap.getDelegate(). If the mime type of the producer is not in the white list, I would throw a ServiceException. The problem I have is how to get WSInfo object (global or workspace specific). Any Hints ?

  6. Is it enough to open a JIRA issue or should I write a GSIP on github.

Thanks in advance for comments, advises and hints.

Cheers
Christian

DI Christian Mueller MSc (GIS), MSc (IT-Security)
OSS Open Source Solutions GmbH

On Fri, May 30, 2014 at 2:51 PM, Christian Mueller <
christian.mueller@anonymised.com> wrote:

Hi all

A customer of mine wants to sponsor WMS GetMap output format restrictions
and I want to start this work during the weekend.

The theme is not a new one, I found some mail threads

http://osgeo-org.1560.x6.nabble.com/WMS-output-format-restrictions-td3796402.html

http://sourceforge.net/p/geoserver/mailman/geoserver-users/thread/1389872872516-5098375.post@anonymised.com/

There is also an issue about the topic

http://jira.codehaus.org/browse/GEOS-4592

My investigations so far

1) GEOS-4592 proposes a black listing of formats. I would prefer a white
listing of mime types. Implementations
of org.geoserver.wms.GetMapOutputFormat are injected by Spring and as
consequence, output formats can be added by extensions.

Ok, security oriented setup eh?
In the end both work, some people will find it annoying if all they wanted
was to get rid of a certain format, but security oriented people will be
concerned that new plugins or upgrades
will result in undesired formats.

2) I would like to store the white list in org.geoserver.wms.WMSInfo like
the "Limited SRS list". An empty white list means all formats are allowed
(this is the default)

Yep. So this will be done at the service level, not at the layer level,
right? (not against it, just asking).
Wondering, are you planning to have a separate white list for each request?
GetMap and GetFeatureInfo have separate sets of output formats.
Or are you going to work on GetMap only?

3) I think I can find all supported mime types by retrieving all
implementations of GetMapOutputFormat form the Spring context and
collecting the result of the method getMimeType(). On the WMSAdminPage I
would implement a CheckBox "Allowed mime types". The default value of this
CheckBox is unchecked. If checked, I want dynamically add a list of check
boxes representing each mime type .

Yep

4) If the white list is not empty, the WMS capabilities document contains
only allowed format names, retrieved by
GetMapOutputFormat.getOutputFormatNames().

Ok

5) A nice place to check the mime type would
be org.geoserver.wms.GetMap.getDelegate(). If the mime type of the producer
is not in the white list, I would throw a ServiceException. The problem I
have is how to get WSInfo object (global or workspace specific). Any Hints ?

WMS.getServiceInfo()

6) Is it enough to open a JIRA issue or should I write a GSIP on github.

No strong opinion here, I'm happy with the mail

Cheers
Andrea

--

Meet us at GEO Business 2014! in London! Visit http://goo.gl/fES3aK
for more information.

Ing. Andrea Aime
@geowolf
Technical Lead

GeoSolutions S.A.S.
Via Poggio alle Viti 1187
55054 Massarosa (LU)
Italy
phone: +39 0584 962313
fax: +39 0584 1660272
mob: +39 339 8844549

http://www.geo-solutions.it
http://twitter.com/geosolutions_it

-------------------------------------------------------

Hi Andrea

Yes, security orientated. I prefer the white list, did you expect the opposite :slight_smile:

The restriction is done at the service level. If there is a strong demand for finer granularity, we can add the functionality on a layer level later, using the service configuration as a default for all layers.

About getFeatureInfo:

At the moment it is possible to disable getFeatureInfo at all, so far so good. The code for this kind of request uses a default content type, no service exception is thrown.
What should happen for a getFeatureInfo request if the content type is not allowed. Should we trigger a Service Exception or return nothing ?.

If there is a demand for adding format restrictions for getFeatureInfo at the service level, this would be the best point of time to do it. Let me know.

Cheers
Chrstian

···

On Fri, May 30, 2014 at 3:55 PM, Andrea Aime <andrea.aime@anonymised.com> wrote:

DI Christian Mueller MSc (GIS), MSc (IT-Security)
OSS Open Source Solutions GmbH

On Fri, May 30, 2014 at 2:51 PM, Christian Mueller <christian.mueller@anonymised.com> wrote:

Hi all

A customer of mine wants to sponsor WMS GetMap output format restrictions and I want to start this work during the weekend.

The theme is not a new one, I found some mail threads

http://osgeo-org.1560.x6.nabble.com/WMS-output-format-restrictions-td3796402.html

http://sourceforge.net/p/geoserver/mailman/geoserver-users/thread/1389872872516-5098375.post@anonymised.com/

There is also an issue about the topic

http://jira.codehaus.org/browse/GEOS-4592

My investigations so far

  1. GEOS-4592 proposes a black listing of formats. I would prefer a white listing of mime types. Implementations of org.geoserver.wms.GetMapOutputFormat are injected by Spring and as consequence, output formats can be added by extensions.

Ok, security oriented setup eh?
In the end both work, some people will find it annoying if all they wanted was to get rid of a certain format, but security oriented people will be concerned that new plugins or upgrades
will result in undesired formats.

  1. I would like to store the white list in org.geoserver.wms.WMSInfo like the “Limited SRS list”. An empty white list means all formats are allowed (this is the default)

Yep. So this will be done at the service level, not at the layer level, right? (not against it, just asking).
Wondering, are you planning to have a separate white list for each request? GetMap and GetFeatureInfo have separate sets of output formats.
Or are you going to work on GetMap only?

  1. I think I can find all supported mime types by retrieving all implementations of GetMapOutputFormat form the Spring context and collecting the result of the method getMimeType(). On the WMSAdminPage I would implement a CheckBox “Allowed mime types”. The default value of this CheckBox is unchecked. If checked, I want dynamically add a list of check boxes representing each mime type .

Yep

  1. If the white list is not empty, the WMS capabilities document contains only allowed format names, retrieved by GetMapOutputFormat.getOutputFormatNames().

Ok

  1. A nice place to check the mime type would be org.geoserver.wms.GetMap.getDelegate(). If the mime type of the producer is not in the white list, I would throw a ServiceException. The problem I have is how to get WSInfo object (global or workspace specific). Any Hints ?

WMS.getServiceInfo()

  1. Is it enough to open a JIRA issue or should I write a GSIP on github.

No strong opinion here, I’m happy with the mail

Cheers
Andrea

==
Meet us at GEO Business 2014! in London! Visit http://goo.gl/fES3aK
for more information.

Ing. Andrea Aime

@geowolf
Technical Lead

GeoSolutions S.A.S.
Via Poggio alle Viti 1187
55054 Massarosa (LU)
Italy
phone: +39 0584 962313
fax: +39 0584 1660272
mob: +39 339 8844549

http://www.geo-solutions.it
http://twitter.com/geosolutions_it


On Fri, May 30, 2014 at 5:51 PM, Christian Mueller <
christian.mueller@anonymised.com> wrote:

Hi Andrea

Yes, security orientated. I prefer the white list, did you expect the
opposite :slight_smile:

Not from you no, but here we have to think about what the average user
might want, not about our personal inclinations.
I'm good either way though, someone will get upset no matter if we
implement if one way or the other.

The restriction is done at the service level. If there is a strong demand
for finer granularity, we can add the functionality on a layer level later,
using the service configuration as a default for all layers.

About getFeatureInfo:

At the moment it is possible to disable getFeatureInfo at all, so far so
good. The code for this kind of request uses a default content type, no
service exception is thrown.
What should happen for a getFeatureInfo request if the content type is not
allowed. Should we trigger a Service Exception or return nothing ?.

Service exception, if the mime type is not listed in the caps document, we
should ask as if it was not there

If there is a demand for adding format restrictions for getFeatureInfo at
the service level, this would be the best point of time to do it. Let me
know.

Uh, it's a bit odd to have the limit just for GetMap, but when people ask
we can always answer "because the funds were limited to GetMap".
Just make it evident in the gui that the whitelist is for GetMap only

Cheers
Andrea

--

Meet us at GEO Business 2014! in London! Visit http://goo.gl/fES3aK
for more information.

Ing. Andrea Aime
@geowolf
Technical Lead

GeoSolutions S.A.S.
Via Poggio alle Viti 1187
55054 Massarosa (LU)
Italy
phone: +39 0584 962313
fax: +39 0584 1660272
mob: +39 339 8844549

http://www.geo-solutions.it
http://twitter.com/geosolutions_it

-------------------------------------------------------

Hi,

I have seen that people would like to disable the vector formats from GetFeatureInfo:

text/plain application/vnd.ogc.gml application/vnd.ogc.gml/3.1.1 text/html application/json

Would mean GML and geojson.

-Jukka Rahkonen-

···

On Fri, May 30, 2014 at 3:55 PM, Andrea Aime <andrea.aime@anonymised.com> wrote:

DI Christian Mueller MSc (GIS), MSc (IT-Security)
OSS Open Source Solutions GmbH

On Fri, May 30, 2014 at 2:51 PM, Christian Mueller <christian.mueller@anonymised.com> wrote:

Hi all

A customer of mine wants to sponsor WMS GetMap output format restrictions and I want to start this work during the weekend.

The theme is not a new one, I found some mail threads

http://osgeo-org.1560.x6.nabble.com/WMS-output-format-restrictions-td3796402.html

http://sourceforge.net/p/geoserver/mailman/geoserver-users/thread/1389872872516-5098375.post@anonymised.com/

There is also an issue about the topic

http://jira.codehaus.org/browse/GEOS-4592

My investigations so far

  1. GEOS-4592 proposes a black listing of formats. I would prefer a white listing of mime types. Implementations of org.geoserver.wms.GetMapOutputFormat are injected by Spring and as consequence, output formats can be added by extensions.

Ok, security oriented setup eh?
In the end both work, some people will find it annoying if all they wanted was to get rid of a certain format, but security oriented people will be concerned that new plugins or upgrades
will result in undesired formats.

  1. I would like to store the white list in org.geoserver.wms.WMSInfo like the “Limited SRS list”. An empty white list means all formats are allowed (this is the default)

Yep. So this will be done at the service level, not at the layer level, right? (not against it, just asking).
Wondering, are you planning to have a separate white list for each request? GetMap and GetFeatureInfo have separate sets of output formats.
Or are you going to work on GetMap only?

  1. I think I can find all supported mime types by retrieving all implementations of GetMapOutputFormat form the Spring context and collecting the result of the method getMimeType(). On the WMSAdminPage I would implement a CheckBox “Allowed mime types”. The default value of this CheckBox is unchecked. If checked, I want dynamically add a list of check boxes representing each mime type .

Yep

  1. If the white list is not empty, the WMS capabilities document contains only allowed format names, retrieved by GetMapOutputFormat.getOutputFormatNames().

Ok

  1. A nice place to check the mime type would be org.geoserver.wms.GetMap.getDelegate(). If the mime type of the producer is not in the white list, I would throw a ServiceException. The problem I have is how to get WSInfo object (global or workspace specific). Any Hints ?

WMS.getServiceInfo()

  1. Is it enough to open a JIRA issue or should I write a GSIP on github.

No strong opinion here, I’m happy with the mail

Cheers
Andrea

==
Meet us at GEO Business 2014! in London! Visit http://goo.gl/fES3aK
for more information.

Ing. Andrea Aime

@geowolf
Technical Lead

GeoSolutions S.A.S.
Via Poggio alle Viti 1187
55054 Massarosa (LU)
Italy
phone: +39 0584 962313
fax: +39 0584 1660272
mob: +39 339 8844549

http://www.geo-solutions.it
http://twitter.com/geosolutions_it


Question, are you doing config inheritance on this?

Like can a white list from the root WMS layer, or a layer group be combined with the list for a specific layer? Or do we need to setup each layer one at a time.

Jody

On Friday, May 30, 2014, Christian Mueller <christian.mueller@anonymised.com74…> wrote:

Hi all

A customer of mine wants to sponsor WMS GetMap output format restrictions and I want to start this work during the weekend.

The theme is not a new one, I found some mail threads

http://osgeo-org.1560.x6.nabble.com/WMS-output-format-restrictions-td3796402.html

http://sourceforge.net/p/geoserver/mailman/geoserver-users/thread/1389872872516-5098375.post@anonymised.com/

There is also an issue about the topic

http://jira.codehaus.org/browse/GEOS-4592

My investigations so far

  1. GEOS-4592 proposes a black listing of formats. I would prefer a white listing of mime types. Implementations of org.geoserver.wms.GetMapOutputFormat are injected by Spring and as consequence, output formats can be added by extensions.

  2. I would like to store the white list in org.geoserver.wms.WMSInfo like the “Limited SRS list”. An empty white list means all formats are allowed (this is the default).

  3. I think I can find all supported mime types by retrieving all implementations of GetMapOutputFormat form the Spring context and collecting the result of the method getMimeType(). On the WMSAdminPage I would implement a CheckBox “Allowed mime types”. The default value of this CheckBox is unchecked. If checked, I want dynamically add a list of check boxes representing each mime type .

  4. If the white list is not empty, the WMS capabilities document contains only allowed format names, retrieved by GetMapOutputFormat.getOutputFormatNames().

  5. A nice place to check the mime type would be org.geoserver.wms.GetMap.getDelegate(). If the mime type of the producer is not in the white list, I would throw a ServiceException. The problem I have is how to get WSInfo object (global or workspace specific). Any Hints ?

  6. Is it enough to open a JIRA issue or should I write a GSIP on github.

Thanks in advance for comments, advises and hints.

Cheers
Christian

DI Christian Mueller MSc (GIS), MSc (IT-Security)
OSS Open Source Solutions GmbH

Jody Garnett

Hi Jody

The format restrictions work on the service level, look at the and elements in the WMS capabilities document. The Elements are children of the service elements.

I think it is not possible to put the XML construct mentioned above inside a element.

Christian

···

On Fri, May 30, 2014 at 10:18 PM, Jody Garnett <jody.garnett@anonymised.com> wrote:

Question, are you doing config inheritance on this?

Like can a white list from the root WMS layer, or a layer group be combined with the list for a specific layer? Or do we need to setup each layer one at a time.

Jody

On Friday, May 30, 2014, Christian Mueller <christian.mueller@anonymised.com> wrote:

Hi all

A customer of mine wants to sponsor WMS GetMap output format restrictions and I want to start this work during the weekend.

The theme is not a new one, I found some mail threads

http://osgeo-org.1560.x6.nabble.com/WMS-output-format-restrictions-td3796402.html

http://sourceforge.net/p/geoserver/mailman/geoserver-users/thread/1389872872516-5098375.post@anonymised.com/

There is also an issue about the topic

http://jira.codehaus.org/browse/GEOS-4592

My investigations so far

  1. GEOS-4592 proposes a black listing of formats. I would prefer a white listing of mime types. Implementations of org.geoserver.wms.GetMapOutputFormat are injected by Spring and as consequence, output formats can be added by extensions.

  2. I would like to store the white list in org.geoserver.wms.WMSInfo like the “Limited SRS list”. An empty white list means all formats are allowed (this is the default).

  3. I think I can find all supported mime types by retrieving all implementations of GetMapOutputFormat form the Spring context and collecting the result of the method getMimeType(). On the WMSAdminPage I would implement a CheckBox “Allowed mime types”. The default value of this CheckBox is unchecked. If checked, I want dynamically add a list of check boxes representing each mime type .

  4. If the white list is not empty, the WMS capabilities document contains only allowed format names, retrieved by GetMapOutputFormat.getOutputFormatNames().

  5. A nice place to check the mime type would be org.geoserver.wms.GetMap.getDelegate(). If the mime type of the producer is not in the white list, I would throw a ServiceException. The problem I have is how to get WSInfo object (global or workspace specific). Any Hints ?

  6. Is it enough to open a JIRA issue or should I write a GSIP on github.

Thanks in advance for comments, advises and hints.

Cheers
Christian

DI Christian Mueller MSc (GIS), MSc (IT-Security)
OSS Open Source Solutions GmbH

Jody Garnett

DI Christian Mueller MSc (GIS), MSc (IT-Security)
OSS Open Source Solutions GmbH

That makes sense then, I was just not sure where you were setting it up. Miso part of the WMS service configuration page then.

I just asked because thebsrslist is per layer.

···

On Fri, May 30, 2014 at 10:18 PM, Jody Garnett <jody.garnett@anonymised.com…> wrote:

Question, are you doing config inheritance on this?

Like can a white list from the root WMS layer, or a layer group be combined with the list for a specific layer? Or do we need to setup each layer one at a time.

Jody

On Friday, May 30, 2014, Christian Mueller christian.mueller@anonymised.com wrote:

Hi all

A customer of mine wants to sponsor WMS GetMap output format restrictions and I want to start this work during the weekend.

The theme is not a new one, I found some mail threads

http://osgeo-org.1560.x6.nabble.com/WMS-output-format-restrictions-td3796402.html

http://sourceforge.net/p/geoserver/mailman/geoserver-users/thread/1389872872516-5098375.post@anonymised.com/

There is also an issue about the topic

http://jira.codehaus.org/browse/GEOS-4592

My investigations so far

  1. GEOS-4592 proposes a black listing of formats. I would prefer a white listing of mime types. Implementations of org.geoserver.wms.GetMapOutputFormat are injected by Spring and as consequence, output formats can be added by extensions.

  2. I would like to store the white list in org.geoserver.wms.WMSInfo like the “Limited SRS list”. An empty white list means all formats are allowed (this is the default).

  3. I think I can find all supported mime types by retrieving all implementations of GetMapOutputFormat form the Spring context and collecting the result of the method getMimeType(). On the WMSAdminPage I would implement a CheckBox “Allowed mime types”. The default value of this CheckBox is unchecked. If checked, I want dynamically add a list of check boxes representing each mime type .

  4. If the white list is not empty, the WMS capabilities document contains only allowed format names, retrieved by GetMapOutputFormat.getOutputFormatNames().

  5. A nice place to check the mime type would be org.geoserver.wms.GetMap.getDelegate(). If the mime type of the producer is not in the white list, I would throw a ServiceException. The problem I have is how to get WSInfo object (global or workspace specific). Any Hints ?

  6. Is it enough to open a JIRA issue or should I write a GSIP on github.

Thanks in advance for comments, advises and hints.

Cheers
Christian

DI Christian Mueller MSc (GIS), MSc (IT-Security)
OSS Open Source Solutions GmbH

Jody Garnett

DI Christian Mueller MSc (GIS), MSc (IT-Security)
OSS Open Source Solutions GmbH

On Sat, May 31, 2014 at 8:04 AM, Jody Garnett <jody.garnett@anonymised.com>
wrote:

That makes sense then, I was just not sure where you were setting it up.
Miso part of the WMS service configuration page then.

I just asked because thebsrslist is per layer.

The srs list is per service in wms, the per layer srs list is used only by
the wfs service

Cheers
Andrea

--

Meet us at GEO Business 2014! in London! Visit http://goo.gl/fES3aK
for more information.

Ing. Andrea Aime
@geowolf
Technical Lead

GeoSolutions S.A.S.
Via Poggio alle Viti 1187
55054 Massarosa (LU)
Italy
phone: +39 0584 962313
fax: +39 0584 1660272
mob: +39 339 8844549

http://www.geo-solutions.it
http://twitter.com/geosolutions_it

-------------------------------------------------------

I thought the srs list was attached to the “root” layer in the WMS GetCapabilities document?

···

Jody Garnett

On Sat, May 31, 2014 at 8:09 PM, Andrea Aime <andrea.aime@anonymised.com> wrote:

On Sat, May 31, 2014 at 8:04 AM, Jody Garnett <jody.garnett@anonymised.com> wrote:

That makes sense then, I was just not sure where you were setting it up. Miso part of the WMS service configuration page then.

I just asked because thebsrslist is per layer.

The srs list is per service in wms, the per layer srs list is used only by the wfs service

Cheers

Andrea

==
Meet us at GEO Business 2014! in London! Visit http://goo.gl/fES3aK
for more information.

Ing. Andrea Aime

@geowolf
Technical Lead

GeoSolutions S.A.S.
Via Poggio alle Viti 1187
55054 Massarosa (LU)
Italy
phone: +39 0584 962313
fax: +39 0584 1660272
mob: +39 339 8844549

http://www.geo-solutions.it
http://twitter.com/geosolutions_it


On Sat, May 31, 2014 at 3:39 PM, Jody Garnett <jody.garnett@anonymised.com>
wrote:

I thought the srs list was attached to the "root" layer in the WMS
GetCapabilities document?

Indeed, that's why it's per service in wms, not per layer.

In WFS instead it is specified on a layer by layer basis, that's why it's
configured at the layer level (although you can set a list
at the service level too, to act as a default)

Cheers
Andrea

--

Meet us at GEO Business 2014! in London! Visit http://goo.gl/fES3aK
for more information.

Ing. Andrea Aime
@geowolf
Technical Lead

GeoSolutions S.A.S.
Via Poggio alle Viti 1187
55054 Massarosa (LU)
Italy
phone: +39 0584 962313
fax: +39 0584 1660272
mob: +39 339 8844549

http://www.geo-solutions.it
http://twitter.com/geosolutions_it

-------------------------------------------------------

Hi Andrea

About the GUI. Is it ok to do it the same way as on he “New Data Access Rule” page. There is a checkbox “Grant access to any role” and a palette containing available and selected roles.

if the check box is checked, the palette is disabled. If unchecked, you can select a set of roles.

I can image a check box “Allow any GetMap format” and a palette containing the proper mime types.

Btw, I also added support for GetFeatureInfo formats.

On finishing, should I make a pull request ?

Cheers
Christian

···

On Sat, May 31, 2014 at 3:46 PM, Andrea Aime <andrea.aime@anonymised.com> wrote:

DI Christian Mueller MSc (GIS), MSc (IT-Security)
OSS Open Source Solutions GmbH

On Sat, May 31, 2014 at 3:39 PM, Jody Garnett <jody.garnett@anonymised.com> wrote:

I thought the srs list was attached to the “root” layer in the WMS GetCapabilities document?

Indeed, that’s why it’s per service in wms, not per layer.

In WFS instead it is specified on a layer by layer basis, that’s why it’s configured at the layer level (although you can set a list
at the service level too, to act as a default)

Cheers

Andrea

==
Meet us at GEO Business 2014! in London! Visit http://goo.gl/fES3aK
for more information.

Ing. Andrea Aime

@geowolf
Technical Lead

GeoSolutions S.A.S.
Via Poggio alle Viti 1187
55054 Massarosa (LU)
Italy
phone: +39 0584 962313
fax: +39 0584 1660272
mob: +39 339 8844549

http://www.geo-solutions.it
http://twitter.com/geosolutions_it


[Sorry for the late response: long weekend in Western Australia]

Christian,

this functionality would be useful for WFS as well, and would be even better if it was defined per-layer. In particular, app-schema WFS feature types can only be returned in one GML subtype as their information model is defined in an application schema that uses a particular version of GML. Current behaviour is to return garbage if the client guesses the wrong type. WFS has an outputFormats list in the capabilities document for each feature type.

Have you considered supporting a per-layer mime type whitelist, and expanding the implementation to WFS?

Kind regards,
Ben.

On 30/05/14 20:51, Christian Mueller wrote:

Hi all

A customer of mine wants to sponsor WMS GetMap output format
restrictions and I want to start this work during the weekend.

The theme is not a new one, I found some mail threads

http://osgeo-org.1560.x6.nabble.com/WMS-output-format-restrictions-td3796402.html
http://sourceforge.net/p/geoserver/mailman/geoserver-users/thread/1389872872516-5098375.post@anonymised.com/

There is also an issue about the topic

http://jira.codehaus.org/browse/GEOS-4592

My investigations so far

1) GEOS-4592 proposes a black listing of formats. I would prefer a
white listing of mime types. Implementations
of org.geoserver.wms.GetMapOutputFormat are injected by Spring and as
consequence, output formats can be added by extensions.

2) I would like to store the white list in org.geoserver.wms.WMSInfo
like the "Limited SRS list". An empty white list means all formats are
allowed (this is the default).

3) I think I can find all supported mime types by retrieving all
implementations of GetMapOutputFormat form the Spring context and
collecting the result of the method getMimeType(). On the WMSAdminPage I
would implement a CheckBox "Allowed mime types". The default value of
this CheckBox is unchecked. If checked, I want dynamically add a list
of check boxes representing each mime type .

4) If the white list is not empty, the WMS capabilities document
contains only allowed format names, retrieved by
GetMapOutputFormat.getOutputFormatNames().

5) A nice place to check the mime type would
be org.geoserver.wms.GetMap.getDelegate(). If the mime type of the
producer is not in the white list, I would throw a ServiceException. The
problem I have is how to get WSInfo object (global or workspace
specific). Any Hints ?

6) Is it enough to open a JIRA issue or should I write a GSIP on github.

Thanks in advance for comments, advises and hints.

Cheers
Christian

--
DI Christian Mueller MSc (GIS), MSc (IT-Security)
OSS Open Source Solutions GmbH

------------------------------------------------------------------------------
Time is money. Stop wasting it! Get your web API in 5 minutes.
www.restlet.com/download
http://p.sf.net/sfu/restlet

_______________________________________________
Geoserver-devel mailing list
Geoserver-devel@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/geoserver-devel

--
Ben Caradoc-Davies <Ben.Caradoc-Davies@anonymised.com>
Software Engineer
CSIRO Earth Science and Resource Engineering
Australian Resources Research Centre

Hi Ben

The mandate of my customer is to implement this feature for WMS on a service level. Perhaps I can convince my customer to implement it at a layer level, using the configuration of the service as a default.

At the moment, there is no plan for implementing restricted MIME types for WFS. Would be nice to have but it is a matter of funding. (As always).

Sorry for the bad news

Cheers
Christian

···

On Tue, Jun 3, 2014 at 4:10 AM, Ben Caradoc-Davies <Ben.Caradoc-Davies@anonymised.com> wrote:

[Sorry for the late response: long weekend in Western Australia]

Christian,

this functionality would be useful for WFS as well, and would be even better if it was defined per-layer. In particular, app-schema WFS feature types can only be returned in one GML subtype as their information model is defined in an application schema that uses a particular version of GML. Current behaviour is to return garbage if the client guesses the wrong type. WFS has an outputFormats list in the capabilities document for each feature type.

Have you considered supporting a per-layer mime type whitelist, and expanding the implementation to WFS?

Kind regards,
Ben.

On 30/05/14 20:51, Christian Mueller wrote:

Hi all

A customer of mine wants to sponsor WMS GetMap output format
restrictions and I want to start this work during the weekend.

The theme is not a new one, I found some mail threads

http://osgeo-org.1560.x6.nabble.com/WMS-output-format-restrictions-td3796402.html
http://sourceforge.net/p/geoserver/mailman/geoserver-users/thread/1389872872516-5098375.post@anonymised.com/

There is also an issue about the topic

http://jira.codehaus.org/browse/GEOS-4592

My investigations so far

  1. GEOS-4592 proposes a black listing of formats. I would prefer a
    white listing of mime types. Implementations
    of org.geoserver.wms.GetMapOutputFormat are injected by Spring and as
    consequence, output formats can be added by extensions.

  2. I would like to store the white list in org.geoserver.wms.WMSInfo
    like the “Limited SRS list”. An empty white list means all formats are
    allowed (this is the default).

  3. I think I can find all supported mime types by retrieving all
    implementations of GetMapOutputFormat form the Spring context and
    collecting the result of the method getMimeType(). On the WMSAdminPage I
    would implement a CheckBox “Allowed mime types”. The default value of
    this CheckBox is unchecked. If checked, I want dynamically add a list
    of check boxes representing each mime type .

  4. If the white list is not empty, the WMS capabilities document
    contains only allowed format names, retrieved by
    GetMapOutputFormat.getOutputFormatNames().

  5. A nice place to check the mime type would
    be org.geoserver.wms.GetMap.getDelegate(). If the mime type of the
    producer is not in the white list, I would throw a ServiceException. The
    problem I have is how to get WSInfo object (global or workspace
    specific). Any Hints ?

  6. Is it enough to open a JIRA issue or should I write a GSIP on github.

Thanks in advance for comments, advises and hints.

Cheers
Christian


DI Christian Mueller MSc (GIS), MSc (IT-Security)
OSS Open Source Solutions GmbH


Time is money. Stop wasting it! Get your web API in 5 minutes.
www.restlet.com/download
http://p.sf.net/sfu/restlet


Geoserver-devel mailing list
Geoserver-devel@anonymised.comsourceforge.net
https://lists.sourceforge.net/lists/listinfo/geoserver-devel


Ben Caradoc-Davies Ben.Caradoc-Davies@anonymised.com
Software Engineer
CSIRO Earth Science and Resource Engineering
Australian Resources Research Centre

DI Christian Mueller MSc (GIS), MSc (IT-Security)
OSS Open Source Solutions GmbH