Skip to content

Commit

Permalink
Sanitize URL for services (#374)
Browse files Browse the repository at this point in the history
  • Loading branch information
tomkralidis committed Jun 28, 2017
1 parent 3e1551e commit 52ad2e8
Show file tree
Hide file tree
Showing 9 changed files with 84 additions and 21 deletions.
2 changes: 1 addition & 1 deletion owslib/csw.py
Original file line number Diff line number Diff line change
Expand Up @@ -68,7 +68,7 @@ def __init__(self, url, lang='en-US', version='2.0.2', timeout=10, skip_caps=Fal
"""

self.url = url
self.url = util.clean_ows_url(url)
self.lang = lang
self.version = version
self.timeout = timeout
Expand Down
8 changes: 6 additions & 2 deletions owslib/sos.py
Original file line number Diff line number Diff line change
Expand Up @@ -14,6 +14,7 @@
from __future__ import (absolute_import, division, print_function)

from .swe.observation import sos100, sos200
from .util import clean_ows_url


def SensorObservationService(url,
Expand All @@ -30,11 +31,14 @@ def SensorObservationService(url,
:param password: password for the username
:return: a version specific SensorObservationService object
"""

clean_url = clean_ows_url(url)

if version in ['1.0', '1.0.0']:
return sos100.SensorObservationService_1_0_0.__new__(
sos100.SensorObservationService_1_0_0, url, version,
sos100.SensorObservationService_1_0_0, clean_url, version,
xml, username, password)
elif version in ['2.0', '2.0.0']:
return sos200.SensorObservationService_2_0_0.__new__(
sos200.SensorObservationService_2_0_0, url, version,
sos200.SensorObservationService_2_0_0, clean_url, version,
xml, username, password)
35 changes: 30 additions & 5 deletions owslib/util.py
Original file line number Diff line number Diff line change
Expand Up @@ -15,11 +15,7 @@
import pytz
from owslib.etree import etree, ParseError
from owslib.namespaces import Namespaces
try: # Python 3
from urllib.parse import urlsplit, urlencode
except ImportError: # Python 2
from urlparse import urlsplit
from urllib import urlencode
from six.moves.urllib.parse import urlsplit, urlencode, urlparse, parse_qs, urlunparse

try:
from StringIO import StringIO # Python 2
Expand Down Expand Up @@ -573,6 +569,35 @@ def strip_bom(raw_text):
return raw_text


def clean_ows_url(url):
"""
clean an OWS URL of basic service elements
source: https://stackoverflow.com/a/11640565
"""

filtered_kvp = {}
basic_service_elements = ('service', 'version', 'request')

parsed = urlparse(url)
qd = parse_qs(parsed.query, keep_blank_values=True)

for key, value in qd.items():
if key.lower() not in basic_service_elements:
filtered_kvp[key] = value

newurl = urlunparse([
parsed.scheme,
parsed.netloc,
parsed.path,
parsed.params,
urlencode(filtered_kvp, doseq=True),
parsed.fragment
])

return newurl


def bind_url(url):
"""binds an HTTP GET query string endpiont"""
if url.find('?') == -1: # like http://host/wms
Expand Down
10 changes: 6 additions & 4 deletions owslib/wcs.py
Original file line number Diff line number Diff line change
Expand Up @@ -17,7 +17,7 @@

from . import etree
from .coverage import wcs100, wcs110, wcs111, wcsBase
from owslib.util import openURL
from owslib.util import clean_ows_url, openURL


def WebCoverageService(url, version=None, xml=None, cookies=None, timeout=30):
Expand All @@ -33,9 +33,11 @@ def WebCoverageService(url, version=None, xml=None, cookies=None, timeout=30):
version = capabilities.get('version')
del capabilities

clean_url = clean_ows_url(url)

if version == '1.0.0':
return wcs100.WebCoverageService_1_0_0.__new__(wcs100.WebCoverageService_1_0_0, url, xml, cookies)
return wcs100.WebCoverageService_1_0_0.__new__(wcs100.WebCoverageService_1_0_0, clean_url, xml, cookies)
elif version == '1.1.0':
return wcs110.WebCoverageService_1_1_0.__new__(wcs110.WebCoverageService_1_1_0,url, xml, cookies)
return wcs110.WebCoverageService_1_1_0.__new__(wcs110.WebCoverageService_1_1_0, clean_url, xml, cookies)
elif version == '1.1.1':
return wcs111.WebCoverageService_1_1_1.__new__(wcs111.WebCoverageService_1_1_1,url, xml, cookies)
return wcs111.WebCoverageService_1_1_1.__new__(wcs111.WebCoverageService_1_1_1, clean_url, xml, cookies)
10 changes: 7 additions & 3 deletions owslib/wfs.py
Original file line number Diff line number Diff line change
Expand Up @@ -16,6 +16,7 @@
from __future__ import (absolute_import, division, print_function)

from .feature import wfs100, wfs110, wfs200
from .util import clean_ows_url


def WebFeatureService(url, version='1.0.0', xml=None, parse_remote_metadata=False,
Expand All @@ -33,18 +34,21 @@ def WebFeatureService(url, version='1.0.0', xml=None, parse_remote_metadata=Fals
@param password: service authentication password
@return: initialized WebFeatureService_2_0_0 object
'''

clean_url = clean_ows_url(url)

if version in ['1.0', '1.0.0']:
return wfs100.WebFeatureService_1_0_0(url, version, xml, parse_remote_metadata,
return wfs100.WebFeatureService_1_0_0(clean_url, version, xml, parse_remote_metadata,
timeout=timeout,
username=username,
password=password)
elif version in ['1.1', '1.1.0']:
return wfs110.WebFeatureService_1_1_0(url, version, xml, parse_remote_metadata,
return wfs110.WebFeatureService_1_1_0(clean_url, version, xml, parse_remote_metadata,
timeout=timeout,
username=username,
password=password)
elif version in ['2.0', '2.0.0']:
return wfs200.WebFeatureService_2_0_0(url, version, xml, parse_remote_metadata,
return wfs200.WebFeatureService_2_0_0(clean_url, version, xml, parse_remote_metadata,
timeout=timeout,
username=username,
password=password)
8 changes: 6 additions & 2 deletions owslib/wms.py
Original file line number Diff line number Diff line change
Expand Up @@ -17,6 +17,7 @@

from __future__ import (absolute_import, division, print_function)
from .map import wms111, wms130
from .util import clean_ows_url


def WebMapService(url,
Expand All @@ -39,13 +40,16 @@ def WebMapService(url,
@param timeout: time (in seconds) after which requests should timeout
@return: initialized WebFeatureService_2_0_0 object
'''

clean_url = clean_ows_url(url)

if version in ['1.1.1']:
return wms111.WebMapService_1_1_1(url, version=version, xml=xml,
return wms111.WebMapService_1_1_1(clean_url, version=version, xml=xml,
parse_remote_metadata=parse_remote_metadata,
username=username, password=password,
timeout=timeout, headers=headers)
elif version in ['1.3.0']:
return wms130.WebMapService_1_3_0(url, version=version, xml=xml,
return wms130.WebMapService_1_3_0(clean_url, version=version, xml=xml,
parse_remote_metadata=parse_remote_metadata,
username=username, password=password,
timeout=timeout, headers=headers)
Expand Down
4 changes: 2 additions & 2 deletions owslib/wmts.py
Original file line number Diff line number Diff line change
Expand Up @@ -42,7 +42,7 @@
from urllib import urlencode
from urlparse import urlparse, urlunparse, parse_qs, ParseResult
from .etree import etree
from .util import openURL, testXMLValue, getXMLInteger
from .util import clean_ows_url, openURL, testXMLValue, getXMLInteger
from .fgdc import Metadata
from .iso import MD_Metadata
from .ows import ServiceProvider, ServiceIdentification, OperationsMetadata
Expand Down Expand Up @@ -159,7 +159,7 @@ def __init__(self, url, version='1.0.0', xml=None, username=None,
requests.
"""
self.url = url
self.url = clean_ows_url(url)
self.username = username
self.password = password
self.version = version
Expand Down
4 changes: 2 additions & 2 deletions owslib/wps.py
Original file line number Diff line number Diff line change
Expand Up @@ -89,7 +89,7 @@
from owslib.etree import etree
from owslib.ows import DEFAULT_OWS_NAMESPACE, ServiceIdentification, ServiceProvider, OperationsMetadata, BoundingBox
from time import sleep
from owslib.util import (testXMLValue, build_get_url, dump, getTypedValue,
from owslib.util import (testXMLValue, build_get_url, clean_ows_url, dump, getTypedValue,
getNamespace, element_to_string, nspath, openURL, nspath_eval, log)
from xml.dom.minidom import parseString
from owslib.namespaces import Namespaces
Expand Down Expand Up @@ -188,7 +188,7 @@ def __init__(self, url, version=WPS_DEFAULT_VERSION, username=None, password=Non
"""

# fields passed in from object initializer
self.url = url
self.url = clean_ows_url(url)
self.username = username
self.password = password
self.version = version
Expand Down
24 changes: 24 additions & 0 deletions tests/doctests/util.txt
Original file line number Diff line number Diff line change
@@ -0,0 +1,24 @@

Imports

>>> from __future__ import (absolute_import, division, print_function)
>>> from owslib.util import clean_ows_url

Tests

>>> clean_ows_url('http//example.org/wms')
'http//example.org/wms'
>>> clean_ows_url('http//example.org/wms?service=WMS')
'http//example.org/wms'
>>> clean_ows_url('http//example.org/wms?SERVICE=WMS')
'http//example.org/wms'
>>> clean_ows_url('http//example.org/wms?SeRvIcE=WMS')
'http//example.org/wms'
>>> clean_ows_url('http//example.org/wms?SeRvIcE=WMS&version=1.3.0&request=GetCapabilities')
'http//example.org/wms'
>>> clean_ows_url('http//example.org/wms?foo=bar&SeRvIcE=WMS&version=1.3.0&request=GetCapabilities')
'http//example.org/wms?foo=bar'
>>> clean_ows_url('http://example.org/wms?map=/path/to/foo.map&SERVICE=WMS&version=1.3.0&request=GetCapabilities')
'http://example.org/wms?map=%2Fpath%2Fto%2Ffoo.map'
>>> clean_ows_url('http://example.org/wms?map=/path/to/foo.map&foo=bar&&SERVICE=WMS&version=1.3.0&request=GetCapabilities')
'http://example.org/wms?map=%2Fpath%2Fto%2Ffoo.map&foo=bar'

0 comments on commit 52ad2e8

Please sign in to comment.