Open slalomchip opened 4 years ago
paul-dorsetcouncil
commented
10 months ago We are also interested in how we might get WFS requests to use POST but for a slightly different reason. You can't do anything but simple filters on a WFS layer because it makes the GET request too long.
signedav
commented
10 months ago Yes. I have to check out the possibilities for a customer that has the problem with the long list as well. On it, but end-of-year-stress :exploding_head: Will keep you up to date. If others are on it or there is an interest in sponsoring an implementation, keep me up to date as well.
EmHain8
commented
9 months ago @signedav have you got any further movements on this?
QGIS Desktop uses a GET when sending WFS requests to OGC-compliant servers, such as GeoServer. I assume GET is used for other OGC requests, but I really don’t know. The characters space, “, :, <, >, =, are converted to the ASCII hexadecimal representations %20, %22, %3A, %3C, %3D, %3E in the string sent to the GeoServer. Even the special characters in the XML filters are converted to these hexadecimal representations.
Due to hackers and other data breaches that compromise sensitive information such as personal identifying information, medical records, userids and passwords, etc., more and more enterprises are increasing their gateway security with stricter firewall and antivirus settings, increased logging, and more. Some of these enterprises now block QGIS Desktop WFS requests because of the quantity of the %XX character combinations within a single request. The trend will only continue.
Please consider changing or adding an option to structure the WFS (and WMS, et al) requests as a POST with an attached XML document instead of a GET. POST messages with an attached XML document pass through these same security appliances that currently block QGIS Desktop’s GET requests.