Skip to content

Commit

Permalink
📦 3.0.0-alpha.23
Browse files Browse the repository at this point in the history
  • Loading branch information
dmfenton committed Apr 13, 2016
1 parent 7d6a147 commit b7bde84
Show file tree
Hide file tree
Showing 3 changed files with 16 additions and 2 deletions.
7 changes: 7 additions & 0 deletions CHANGELOG.md
Original file line number Diff line number Diff line change
Expand Up @@ -2,6 +2,10 @@
All notable changes to this project will be documented in this file.
This project adheres to [Semantic Versioning](http://semver.org/).

## [3.0.0-alpha.23] - 2016-04-12
### Changed
* Sanitize jsonp callback in processFeatureServer

## [3.0.0-alpha.22] - 2016-04-04
### Fixed
* Remove duplicate json templates
Expand Down Expand Up @@ -648,6 +652,9 @@ Koop is now just a node module that exposes an express middleware app with hooks
- koop-server is no more; all central code is in the koop project
- to use Koop you must use it as middleware in an app that boots up an http server

[3.0.0-alpha.23]: https://github.com/koopjs/koop/compare/v3.0.0-alpha.22...v3.0.0-alpha.23
[3.0.0-alpha.22]: https://github.com/koopjs/koop/compare/v3.0.0-alpha.21...v3.0.0-alpha.22
[3.0.0-alpha.21]: https://github.com/koopjs/koop/compare/v3.0.0-alpha.20...v3.0.0-alpha.21
[3.0.0-alpha.20]: https://github.com/koopjs/koop/compare/v3.0.0-alpha.19...v3.0.0-alpha.20
[3.0.0-alpha.19]: https://github.com/koopjs/koop/compare/v3.0.0-alpha.18...v3.0.0-alpha.19
[3.0.0-alpha.18]: https://github.com/koopjs/koop/compare/v3.0.0-alpha.17...v3.0.0-alpha.18
Expand Down
2 changes: 1 addition & 1 deletion package.json
Original file line number Diff line number Diff line change
@@ -1,7 +1,7 @@
{
"name": "koop",
"description": "Transform, query, & download geospatial data on the web",
"version": "3.0.0-alpha.22",
"version": "3.0.0-alpha.23",
"author": {
"name": "Chris Helm"
},
Expand Down
9 changes: 8 additions & 1 deletion src/lib/BaseController.js
Original file line number Diff line number Diff line change
Expand Up @@ -57,7 +57,10 @@ function execServerMethod (method, req, res, geojson) {
if (err) return res.status(400).send(err)
if (!geojson) return res.status(400).json({error: 'No data passed to feature server method'})
if (d.features && d.features.length > 1000) d.features = d.features.splice(0, 1000)
if (req.query.callback) return res.send(req.query.callback + '(' + JSON.stringify(d) + ')')
if (req.query.callback) {
const callback = sanitizeCallback(req.query.callback)
return res.send(callback + '(' + JSON.stringify(d) + ')')
}
res.status(200).json(d)
})
}
Expand All @@ -70,4 +73,8 @@ function execInfo (geojson, layer, query, res) {
})
}

function sanitizeCallback (callback) {
return callback.replace(/[^\w\d\.\(\)\[\]]/g, '')
}

module.exports = Controller

0 comments on commit b7bde84

Please sign in to comment.