WMS GetMap HEAD request error response - check response status defined #8023
Conversation
| @@ -900,7 +900,7 @@ | |||
| imageTile.getImage().src = src; | |||
| }, | |||
| function (r) { | |||
| if (r.status === 414) { | |||
| if (r.status && r.status === 414) { | |||
There was a problem hiding this comment.
What does that new check achieve? It seems superfluous
There was a problem hiding this comment.
If CORS is not enabled, the response object has no status
It looks like some servers add CORS header on GET and not on HEAD. Also depending on Apache config, if there is an error, then CORS header are not always present (depends on virtual host config and the set header directive).
The CORS interceptor does not make the difference between operation so it will start using the proxy for GET if an HEAD request fails (and then GET request may also be not allowed causing subsequent issues).
There was a problem hiding this comment.
@jahow without that check, when the response has no status (as described previously by @fxprunayre ), it fails accessing r.status, what causes the CORS interceptor to add the server in the list to use the http proxy when accessing any url from that server.
So if you are unlogged and try to add a layer from that server in the map viewer (Add layers > Services > WMS), you get the following error:
Due to the http proxy default policy to require the service to be defined in the metadata and analysed with the link analysis tool, for unlogged users. The service seems working fine with CORS for GET operations.
There was a problem hiding this comment.
No but I meant, if r.status equals 414 then it has to be truthy; I just don't get the r.status && part
There was a problem hiding this comment.
@jahow see the commment from @fxprunayre in his reply:
If CORS is not enabled, the response object has no status
There was a problem hiding this comment.
I understand but:
- if
r.statusis undefined thenr.status === 414will return false - if
r.statusis undefined thenr.status && r.status === 414will return undefined - if
r.statusis 414 thenr.status === 414will return true - if
r.statusis 414 thenr.status && r.status === 414will also return true - if
r.statusis 200 thenr.status === 414will return false - if
r.statusis 200 thenr.status && r.status === 414will also return false
I'm just not sure this change is going to do anything at all?
There was a problem hiding this comment.
@jahow you are totally right, apologies. I was testing several options and I seems I got confused with the one that worked.
I just updated the code to avoid the CORS interceptor for the HEAD request, that is working fine. Doesn't seem optimal, but at least looks working fine.
josegar74
force-pushed
the
44-followup-pr-7000
branch
from
eb1b884
to
c42a111
Compare
If the map service doesn't support HEAD (or CORS for HEAD requests), all other requests to the server go through the http proxy, even if the server supports CORS for these requests
josegar74
force-pushed
the
44-followup-pr-7000
branch
from
c42a111
to
5535b5a
Compare
|
As this service is supporting CORS for GET but not for HEAD, an other option is to add the method to the
The proxy may still be useful in some case for HEAD requests? For the other case, when a service is not providing CORS header on HTTP errors, then it is probably more difficult and has to be properly configured on the WMS side. |
|
@fxprunayre what should contain |
Some servers provides CORS header for some method eg. GET and not for other eg. HEAD. In such case, if a failure occurs on a HEAD request, then the proxy is activated for that domain but is not needed for GET request. If user is anonymous, then proxy forbid access to the domain (if the domain is not in the link analysis table with default configuration) and simple action like `GetCapabilities` will fail. Add the method to the domain as key to know if the proxy has to be used or not. Can be tested with https://haleconnect.com/ows/services/org.789.b36c0053-db6b-4fe7-9402-4e5d8ac35e06_wms
If CORS is not allowed for WMS GetMap HEAD request, the error response doesn't contain the status property. Protect the related check.
Follow up of #7000
Checklist
mainbranch, backports managed with labelREADME.mdfilespom.xmldependency management. Update build documentation with intended library use and library tutorials or documentation