Re: [Geoserver-users] Handling of a detected security flaw

In the future I recommend joining the Skype meeting that happens every two weeks it is a suitable publuc/ open to all way communicate that is not immedtiatly searchable. The other avenue is via the OSGeo foundation, where we have Andrea as a GeoServer project officer who can be contacted on sensit

Re: [Geoserver-users] how to create a totally dynamic GeoServer layer - and dynamic heights in KML output ?

Very good suggestion. I did set a default value and was able to save the layer based on the SQL view that has this query SELECT *, %myheight% as height from mytable The kml that I can get from the preview works too.' Now when i try to use the variable %myheight% like in this string in the kml fi

Re: [Geoserver-users] Geoserver WPS python scripting

Hi Justin Sorry, I'm using geoserver SNAPSHOT from https://github.com/boundlessgeo/suite . Then what I did was: mvn clean install -Dgs.flags="-P wps,script,script-py" and I think it worked. Thanks. 2014-05-07 8:49 GMT-03:00 Justin Deoliveira : > Hi Pablo, > > What directory are you runnin

Re: [Geoserver-users] Geoserver WMS GetMap Extensibility

Thanks Andrea. Atenciosamente, [cid:image001.jpg@01CF6BB0.5FFFA7C0] [cid:image002.jpg@01CF6BB0.5FFFA7C0] Bruno da Fonseca SAPO Technology Department GIS/Maps +351 967210103 bruno.fons...@telecom.pt From: andrea.a...@gmail.com [mailto

Re: [Geoserver-users] Handling of a detected security flaw

Hi Andrea, I think I misconveyed my message. You have good points, but GeoServer is a fairly sizeable community, both of developers and users. The reason I tried to coax a discussion is because while there isn't a "GeoServer foundation" (like Mozilla/Apache/Linux etc), I wondered if maybe the c

Re: [Geoserver-users] Geoserver WMS GetMap Extensibility

On Fri, May 9, 2014 at 5:44 PM, Bruno M. Fonseca wrote: > I´ve searched on the developer documentation about a way to implement a > custom WMS.GetMap request of a specific content type. I haven’t found any > useful information about that. Can anyone help to achieve that? > There is no significant

Re: [Geoserver-users] Handling of a detected security flaw

On Fri, May 9, 2014 at 5:58 PM, Jonathan Moules < jonathanmou...@warwickshire.gov.uk> wrote: > I'm not sure I'd agree with Andrea's assessment of there only being two > ways to divulge a bug. Per my original post, there is the third way: > Responsible disclosure, and it is compatible with Open Sou

Re: [Geoserver-users] Handling of a detected security flaw

This one: http://demo.opengeo.org/geoserver/ows?SERVICE=WMS&request=";> http://www.w3.org/1999/xhtml%27> 27xss%27%29"/><" triggers on my 2.5-snapshot (8th May) and my 2.4.3. None of the others trigger on either 2.4.3 or the snapshot for me. === I'm not sure I'd agree with Andrea's ass

[Geoserver-users] Geoserver WMS GetMap Extensibility

I´ve searched on the developer documentation about a way to implement a custom WMS.GetMap request of a specific content type. I haven't found any useful information about that. Can anyone help to achieve that? Atenciosamente, [cid:image001.jpg@01CF6BA5.F2871A70] [cid:imag

Re: [Geoserver-users] Handling of a detected security flaw

For css read xss (Spell checker) Russ On 9 May 2014, at 16:30, Russell Hore wrote: > I just tried that on my 2.5 box and got a popup with css in it. > > Build Information > Version 2.5 > Git Revision 8cf3edcf5f61db010f7ad3fcb4613e7c0eabeaff > Build Date 18-Mar-2014 16:08 > GeoTools

Re: [Geoserver-users] Handling of a detected security flaw

I just tried that on my 2.5 box and got a popup with css in it. Build Information Version 2.5 Git Revision 8cf3edcf5f61db010f7ad3fcb4613e7c0eabeaff Build Date 18-Mar-2014 16:08 GeoTools Version 11.0 (rev fb9a2d3f88315d076523788cb8196ec89bb253f9) GeoWebCache Version 1.5.1 (rev 1.5.x/642

Re: [Geoserver-users] Handling of a detected security flaw

Hi, Ok, the open source way is fine with me. During a security test we discovered that there is a potential XSS (Cross site scripting) flaw in the generation of service exceptions in (some) WMS and WFS services of Geoserver 2.4.x. I haven ‘t been able to test using Geoserver 2.5, perhaps the fla

Re: [Geoserver-users] Problems with large amount of features from Oracle-DB

Excellent points Jukka. A further thought - if you are getting millions of features from the database at a time, it's not likely to matter which database you use - the limitation is more likely to be the network transactions as Geoserver has to request/receive millions of features. This is less of

Re: [Geoserver-users] Nested Geometric Functions in SLD of GeoServer

> > > > Anyways wants to open a ticket in Jira? > Hi Andrea, I was going to open a Jira but tested on 2.5 and it successfully failed validation, so seems like no need. Cheers, Jonathan -- This transmission is intended for the named addressee(s) only and may contain confidential, sensitive or pe

Re: [Geoserver-users] Nested Geometric Functions in SLD of GeoServer

On Fri, May 9, 2014 at 2:21 PM, Syed Shadab wrote: > Hi Jonathan, > > It worked for me also. It is doing as expected. Yes I was having too many > the_geom's. Actually validator should to throw error that too many > geometries (the_geom's) are being inputted. Anyway thanks a lot for your > kind he

Re: [Geoserver-users] Problems with large amount of features from Oracle-DB

Hi, Trying to optimize data in Oracle for making it to behave faster is one way. Another way is to stop and think if you could do something differently. I do not know your exact use case but here comes what I have been doing. If the computer screen has 1000 by 1000 pixels it makes one million p

Re: [Geoserver-users] Nested Geometric Functions in SLD of GeoServer

Hi Syed, Actually in 2.5 it does fail validation. So it's already fixed. Regards, Jonathan On 9 May 2014 13:21, Syed Shadab wrote: > Hi Jonathan, > > It worked for me also. It is doing as expected. Yes I was having too many > the_geom's. Actually validator should to throw error that too many

Re: [Geoserver-users] Nested Geometric Functions in SLD of GeoServer

Hi Jonathan, It worked for me also. It is doing as expected. Yes I was having too many the_geom's. Actually validator should to throw error that too many geometries (the_geom's) are being inputted. Anyway thanks a lot for your kind help. Syed Shadab On 9 May 2014 17:37, Jonathan Moules wrote:

Re: [Geoserver-users] Problems with large amount of features from Oracle-DB

Hi Franz, We have multi-million row Oracle layers too. They're quite slow, but I'm with Andrea in the "Blaming the [Oracle] database" - all of my indicates point to it being Oracle being slow for our stuff. There are several things we do: - Ensure the geometry is indexed. - Ensure any columns y

Re: [Geoserver-users] Handling of a detected security flaw

On Fri, May 9, 2014 at 1:32 PM, Isakson Mats wrote: > Hi, > > In general, how do you handle potential security flaws? Do we discuss the > potential flaw here on the mailing list? > There are two possible mechanisms: * the open source way, in the open, on the mailing list * the commercial way, i

Re: [Geoserver-users] Nested Geometric Functions in SLD of GeoServer

Hi Syed, Do you need an offset on an isometric? Offset (for a shadow) is typically used as an alternative. That said, you appear to have one too many the_geom's. This works for me: > > > the_geom > 200 > 0 >

Re: [Geoserver-users] Handling of a detected security flaw

Hi List, Cc'ing the dev list too because this raises a question that some googling doesn't answer - does GeoServer have a Responsible (or Full) Disclosure policy? I can't seem to find anything which is surprising given the nature of GeoServer as a server and thus potentially a portal into many orga

[Geoserver-users] Handling of a detected security flaw

Hi, In general, how do you handle potential security flaws? Do we discuss the potential flaw here on the mailing list? Regards Mats Isakson Systemutvecklare Lantmäteriet, Division Informationsförsörjning the Swedish mapping, cadastral and land registration authority Box 820,

Re: [Geoserver-users] Problems with large amount of features from Oracle-DB

On Wed, May 7, 2014 at 9:47 PM, frankzander wrote: > Hi, > > I want to use a GeoServer to display a large collection of spatial data, > stored in an oracle database (~4 million features spreaded on a radius of > 150 miles). I added the database as a data source (oracle plugin) and added > a layer

[Geoserver-users] Problems with large amount of features from Oracle-DB

Hi, I want to use a GeoServer to display a large collection of spatial data, stored in an oracle database (~4 million features spreaded on a radius of 150 miles). I added the database as a data source (oracle plugin) and added a layer to publish the data. The layer preview with openlayers usually

[Geoserver-users] Tuning geoserver for production environment under JBOSS

Dear Friends, Am currently trying to use geoserver in JBOSS 7.1.1 ,I followed some tutorial and installed Geoserver 2.1.3 ,but the map rendering is much slow ,Is there any production environment available under JBoss environment -- *Anas A,* *Trinity Mobility Pvt. Ltd | Palakkad | +91773636

[Geoserver-users] Connection test failed: For input string: "4, 227359329868297"

Hello, I am trying to add a new store via "New WMS Connection". When I submit the form, I get the following error. Connection test failed: For input string: "4.227359329868297" I try to add the following capabilities: http://gis.irisnetlab.be/geoserver/sprb/wms?SERVICE=WMS&VERSION=1.3.0&REQUEST=

[Geoserver-users] Nested Geometric Functions in SLD of GeoServer

I want to use nested geometric functions in SLD of GeoServer. For example I want to set some offset for certain type of polygons in my data. Then output of the offset geometric function needs to be given as input to another geometric function isometric to give required extrusion. I tried with follo