search

geopython / pygeoapi

pygeoapi is a Python server implementation of the OGC API suite of standards. The project emerged as part of the next generation OGC API efforts in 2018 and provides the capability for organizations to deploy a RESTful OGC API endpoint using OpenAPI, GeoJSON, and HTML. pygeoapi is open source and released under an MIT license.
https://pygeoapi.io
MIT License
461 stars 251 forks source link

gzip compression not applied in starlette (invalid header handling) #1591

Closed totycro closed 2 weeks ago

totycro commented 4 months ago

Description When using pygeoapi --starlette and adding the request header Accept-Encoding: gzip, the response is not actually gzipped.

The problem lies in these two lines: https://github.com/geopython/pygeoapi/blob/master/pygeoapi/api.py#L640
https://github.com/geopython/pygeoapi/blob/master/pygeoapi/api.py#L625

In starlette, header names are case insensitive (as by HTTP spec). So you can do accept-encoding in request.headers or Accept-Encoding in request.headers and both will return True. However in get_request_headers, the headers are listed, and in this operation the names are lower cased.

Thus in get_response_headers, Accept-Encoding can never actually be present in the headers dict, only accept-encoding.

Note that this bug probably doesn't cause more problems since the request headers only seem to be used for gzip here.

Here's the starlette documentation: https://www.starlette.io/requests/#headers

A fix could be to lowercase all request headers in get_request_headers

Expected behavior The response should be gzipped.

Screenshots/Tracebacks An example set of request headers as printed in starlette:

{'host': 'localhost:5000', 'user-agent': 'Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:122.0) Gecko/20100101 Firefox/122.0', 'accept': 'text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8', 'accept-language': 'en-US,en;q=0.5', 'accept-encoding': 'gzip', 'connection': 'keep-alive', 'cookie': '...;, 'upgrade-insecure-requests': '1', 'sec-fetch-dest': 'document', 'sec-fetch-mode': 'navigate', 'sec-fetch-site': 'cross-site', 'pragma': 'no-cache', 'cache-control': 'no-cache'}

Environment

github-actions[bot] commented 4 weeks ago

This Issue has been inactive for 90 days. As per RFC4, in order to manage maintenance burden, it will be automatically closed in 7 days.

github-actions[bot] commented 2 weeks ago

As per RFC4, this Issue has been closed due to there being no activity for more than 90 days.