I looked at the example URL and it is getting blocked because of a "java.net.URISyntaxException: Illegal character in query". The URL checking feature was modified to reject URLs that contain invalid characters to prevent them from bypassing the URL normalization and allowing access to arbitrary URL paths. A feature enhancement would be to modify the URL normalization to properly normalize the URL path even with invalid characters in the query and fragment.
If it is feasible to modify your image URLs, changing all of the "|" characters to the string "%7c" should allow it to pass the URL check although your image service will have to know to decode it. Steve Ikeoka ________________________________ From: Andrea Aime <andrea.a...@geosolutionsgroup.com> Sent: Friday, September 1, 2023 3:00 AM To: Karsten Darré <k...@lifa.dk> Cc: geoserver-users@lists.sourceforge.net <geoserver-users@lists.sourceforge.net> Subject: Re: [Geoserver-users] Dynamic generated image url in SLD not working in 2.23.2 [External: Use caution with links & attachments] On Fri, Sep 1, 2023 at 11:34 AM Karsten Darré via Geoserver-users <geoserver-users@lists.sourceforge.net<mailto:geoserver-users@lists.sourceforge.net>> wrote: Do any of you have an idea of what has changed in 2.23.2? New security check, described in the GeoServer 2.23.2 release announcement: https://geoserver.org/announcements/2023/07/21/geoserver-2-23-2-released.html<https://urldefense.us/v3/__https://geoserver.org/announcements/2023/07/21/geoserver-2-23-2-released.html__;!!JRQnnSFuzw7wjAKq6ti6!093LcUCjsPHsz4dNYeVB8vsCQAG9GPSoY6BvUx4fw9K224M6ThxNCB-ssg3VfvgX961Ddiak-JQi6xBY75NrOZiWHTgEt3E$> and documented in detail here: https://docs.geoserver.org/maintain/en/user/security/urlchecks.html<https://urldefense.us/v3/__https://docs.geoserver.org/maintain/en/user/security/urlchecks.html__;!!JRQnnSFuzw7wjAKq6ti6!093LcUCjsPHsz4dNYeVB8vsCQAG9GPSoY6BvUx4fw9K224M6ThxNCB-ssg3VfvgX961Ddiak-JQi6xBY75NrOZiWGwa3L-E$> You'll have to whitelist the host that generates the dynamic images Cheers Andrea == GeoServer Professional Services from the experts! Visit http://bit.ly/gs-services-us<https://urldefense.us/v3/__http://bit.ly/gs-services-us__;!!JRQnnSFuzw7wjAKq6ti6!093LcUCjsPHsz4dNYeVB8vsCQAG9GPSoY6BvUx4fw9K224M6ThxNCB-ssg3VfvgX961Ddiak-JQi6xBY75NrOZiWp-DJEGE$> for more information. == Ing. Andrea Aime @geowolf Technical Lead GeoSolutions Group phone: +39 0584 962313 fax: +39 0584 1660272 mob: +39 339 8844549 https://www.geosolutionsgroup.com/<https://urldefense.us/v3/__https://www.geosolutionsgroup.com/__;!!JRQnnSFuzw7wjAKq6ti6!093LcUCjsPHsz4dNYeVB8vsCQAG9GPSoY6BvUx4fw9K224M6ThxNCB-ssg3VfvgX961Ddiak-JQi6xBY75NrOZiWp3CjB3c$> http://twitter.com/geosolutions_it<https://urldefense.us/v3/__http://twitter.com/geosolutions_it__;!!JRQnnSFuzw7wjAKq6ti6!093LcUCjsPHsz4dNYeVB8vsCQAG9GPSoY6BvUx4fw9K224M6ThxNCB-ssg3VfvgX961Ddiak-JQi6xBY75NrOZiWRL0nMhw$> ------------------------------------------------------- Con riferimento alla normativa sul trattamento dei dati personali (Reg. UE 2016/679 - Regolamento generale sulla protezione dei dati “GDPR”), si precisa che ogni circostanza inerente alla presente email (il suo contenuto, gli eventuali allegati, etc.) è un dato la cui conoscenza è riservata al/i solo/i destinatario/i indicati dallo scrivente. Se il messaggio Le è giunto per errore, è tenuta/o a cancellarlo, ogni altra operazione è illecita. Le sarei comunque grato se potesse darmene notizia. This email is intended only for the person or entity to which it is addressed and may contain information that is privileged, confidential or otherwise protected from disclosure. We remind that - as provided by European Regulation 2016/679 “GDPR” - copying, dissemination or use of this e-mail or the information herein by anyone other than the intended recipient is prohibited. If you have received this email by mistake, please notify us immediately by telephone or e-mail
_______________________________________________ Geoserver-users mailing list Please make sure you read the following two resources before posting to this list: - Earning your support instead of buying it, but Ian Turton: http://www.ianturton.com/talks/foss4g.html#/ - The GeoServer user list posting guidelines: http://geoserver.org/comm/userlist-guidelines.html If you want to request a feature or an improvement, also see this: https://github.com/geoserver/geoserver/wiki/Successfully-requesting-and-integrating-new-features-and-improvements-in-GeoServer Geoserver-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/geoserver-users