[Mapbender-commits] r9738 - trunk/mapbender/owsproxy/http

Wed May 10 05:07:19 PDT 2017

Author: armin11
Date: 2017-05-10 05:07:19 -0700 (Wed, 10 May 2017)
New Revision: 9738

Modified:
   trunk/mapbender/owsproxy/http/index.php
Log:
New possibilities for secured ows getfeatureinfo requests

Modified: trunk/mapbender/owsproxy/http/index.php
===================================================================

--- trunk/mapbender/owsproxy/http/index.php	2017-05-10 12:07:06 UTC (rev 9737)
+++ trunk/mapbender/owsproxy/http/index.php	2017-05-10 12:07:19 UTC (rev 9738)
@@ -30,6 +30,8 @@
 {
     require_once(dirname(__FILE__) . "/../../conf/excludeproxyurls.conf");
 }
+//
+
 //database connection
 $con = db_connect(DBSERVER, OWNER, PW);
 db_select_db(DB, $con);
@@ -206,6 +208,8 @@
 		if ($auth['auth_type'] == '') {
     			unset($auth);
 		}
+		//get info about the url exchange management
+		$exchangeUrlsWmsFi = $n->getWmsExchangeUrlTag($wmsId);
 	break;
 		
 	case 'wfs':
@@ -259,6 +263,9 @@
         break;
     case 'getfeatureinfo':
         $arrayOnlineresources = checkWmsPermission($query->getOwsproxyServiceId(), $userId);
+	//define following global to use it in matchUrls function**************
+	$featureInfoUrl = $arrayOnlineresources['wms_getfeatureinfo'];
+	//*********************************************************************
         $query->setOnlineResource($arrayOnlineresources['wms_getfeatureinfo']);
         $request = $query->getRequest();
         //Ergaenzungen secured UMN Requests
@@ -737,6 +744,9 @@
 function matchUrls($content)
 {
 	global $urlsToExclude;
+	global $featureInfoUrl;
+	global $exchangeUrlsWmsFi;
+
 	//check if isset owsproxyUrls else create
 	$owsproxyUrls = Mapbender::session()->get('owsproxyUrls');
 	if ($owsproxyUrls == false) {
@@ -755,6 +765,23 @@
 		if (in_array($req,$urlsToExclude)) {
        	 		continue;
 		}
+		//Generaly urls should not be exchanged. It must be controlled, if it directly come from the same server as the fi request. Those urls have always to be exchanged!  
+		if ($exchangeUrlsWmsFi === "0") {
+			//get servername for featureinfo request
+			$url_array = parse_url($featureInfoUrl);
+			$servername = $url_array['scheme']."://".$url_array['host'];
+			//test if url came from same server - if not use original urls!
+			//switch for localhost/127.0.0.1 - they are the same!
+			if ($url_array['host'] == 'localhost' || $url_array['host'] == '127.0.0.1') {
+				if (strpos($req, $url_array['scheme']."://"."localhost") !== 0 && strpos($req, $url_array['scheme']."://"."127.0.0.1") !== 0) {
+						continue;
+				}
+			} else {
+				if (strpos($req, $servername) !== 0) {
+					continue;
+				}
+			}
+		}
         	$id = registerURL($req);
         	$extReq = setExternalRequest($id);
         	$notice = new mb_notice("MD5 URL " . $id . " - external link: " . $extReq);

