[mapserver-dev] OGC API Review Requested

Even Rouault even.rouault at spatialys.com
Wed Jun 30 07:23:14 PDT 2021

> I'm interested in what folks think about the Inja templating/includes 
> issues detailed in the Security Considerations -> Template Handling 
> section.
Templates are supposed to be under full control of the mapserver 
administrator, and not users triggering the API, right ? So I'm not sure 
what actual security issue there is.
> /*task:* add ows_contact* information to the landing page (from the 
> associated values set in the mapfile)/
Probably done per 
> I don't think contact information is part of the core specification 
> is it? I see pygeoapi does support it but is there a standard approach...

It is used for the /api end point and is optional.

Anyway, regarding other items in the wishlist, we should merge the 
current work ASAP and deal with further changes as increments / tickets.


My software is free, but my time generally not.

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.osgeo.org/pipermail/mapserver-dev/attachments/20210630/7192cbf5/attachment.html>

More information about the mapserver-dev mailing list