[Pywps-devel] Url question in v.in.wfs
Jachym Cepicky
jachym.cepicky at gmail.com
Tue Jan 26 10:27:35 CET 2010
Security issue:
everything after "&", "#", ";" and similar marks is removed from literalvalue
input. imagine this:
value = "http://foo/bar; rm -rf /"
why don't you use complex value input? v.in.ogr is your friend then
j
Dne Po 25. ledna 2010 12:39:52 kljxm napsal(a):
> Yes, the "
> http://localhost:8081/geoserver/ows?service=WFS&version=1.0.0&reque
> st=GetFeature&typeName=Lidar " is my input
> the complete HTTP/GET form is as below:
> http://localhost:8080/cgi-bin/wps.py?Service=WPS&Version=1.0.0&Request=Exec
> ute&identifier=getWFS&datainputs=[input=
> http://localhost:8081/geoserver/ows?service=WFS&version=1.0.0&requ
> est=GetFeature&typeName=Lidar
> ]&responsedocument=[output=@mimeType=text/xml at asreference=true]
>
--
Jachym Cepicky
e-mail: jachym.cepicky gmail com
URL: http://les-ejk.cz
PGP Public key: http://les-ejk.cz/pgp/JachymCepicky.pgp
More information about the Pywps-devel
mailing list