[Server] Extend the WMS FILTER whitelist with IS, NOT, NULL #31517
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
rldhont
commented
Sep 1, 2019
The QGIS Server Filter parameter accept OGC Filter and an SQL where clause. In the case of the SQL where clause, to avoid injection and garanty some safety, QGIS Server uses a whitelist of allowed characters and keywords. The whitelist was AND,OR,IN,=,<,>=,>,>=,!=,',',(,),DMETAPHONE,SOUNDEX. We need to be able to handle NULL values.
rldhont
force-pushed
the
server-wms-filter-whitelist
branch
from
cec3652
to
2c21978
Compare
|
If memory serves me right, I think that this PR fixes an issue raised by @elemoine some weeks ago, but I didn't succeed in retrieving the dedicated ticket... |
Indeed. And the change looks good to me. |
|
+1 for merge and backport |
|
The backport to To backport manually, run these commands in your terminal: # Fetch latest updates from GitHub.
git fetch
# Create new working tree.
git worktree add .worktrees/backport release-3_4
# Navigate to the new directory.
cd .worktrees/backport
# Cherry-pick all the commits of this pull request and resolve the likely conflicts.
git cherry-pick 2c2197867c4901c5353cb262b3b54ac155991f7c
# Create a new branch with these backported commits.
git checkout -b backport-31517-to-release-3_4
# Push it to GitHub.
git push --set-upstream origin backport-31517-to-release-3_4
# Go back to the original working tree.
cd ../..
# Delete the working tree.
git worktree remove .worktrees/backportThen, create a pull request where the |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
The QGIS Server Filter parameter accept OGC Filter and an SQL where clause.
In the case of the SQL where clause, to avoid injection and garanty some safety, QGIS Server uses a whitelist of allowed characters and keywords.
The whitelist was AND,OR,IN,=,<,>=,>,>=,!=,',',(,),DMETAPHONE,SOUNDEX.
We need to be able to handle NULL values.
Description
Checklist
Fixes #11111at the bottom of the commit messagescripts/prepare-commit.shscript before each commit