X-Git-Url: https://git.openstreetmap.org./chef.git/blobdiff_plain/fd31d0bd32886ca4075d4938e374c5c7d72c9b8c..1415d2444cd7d173ece1adf827199e238240cdb4:/cookbooks/tile/templates/default/export.erb?ds=inline diff --git a/cookbooks/tile/templates/default/export.erb b/cookbooks/tile/templates/default/export.erb index dfd076252..8fa4672b9 100644 --- a/cookbooks/tile/templates/default/export.erb +++ b/cookbooks/tile/templates/default/export.erb @@ -1,15 +1,18 @@ -#!/usr/bin/python -u +#!/usr/bin/python3 -u # -*- coding: utf-8 -*- import cairo import cgi +import http.cookies import mapnik import os +import pyotp +import pyproj +import resource import shutil +import signal import sys import tempfile -import resource -import signal # Limit maximum CPU time # The Postscript output format can sometimes take hours @@ -21,17 +24,17 @@ resource.setrlimit(resource.RLIMIT_AS,(4000000000, 4000000000)) # Routine to output HTTP headers def output_headers(content_type, filename = "", length = 0): - print "Content-Type: %s" % content_type + print("Content-Type: %s" % content_type) if filename: - print "Content-Disposition: attachment; filename=\"%s\"" % filename + print("Content-Disposition: attachment; filename=\"%s\"" % filename) if length: - print "Content-Length: %d" % length - print "" + print("Content-Length: %d" % length) + print("") # Routine to output the contents of a file def output_file(file): file.seek(0) - shutil.copyfileobj(file, sys.stdout) + shutil.copyfileobj(file, sys.stdout.buffer) # Routine to get the size of a file def file_size(file): @@ -39,31 +42,50 @@ def file_size(file): # Routine to report an error def output_error(message, status = "400 Bad Request"): - print "Status: %s" % status + print("Status: %s" % status) output_headers("text/html") - print "" - print "
" - print "%s
" % message - print "" - print "" + print("") + print("") + print("%s
" % message) + print("") + print("") + +# Create TOTP token validator +totp = pyotp.TOTP('<%= @totp_key %>', interval = 3600) # Parse CGI parameters form = cgi.FieldStorage() +# Import cookies +cookies = http.cookies.SimpleCookie(os.environ.get('HTTP_COOKIE')) + # Make sure we have a user agent -if not os.environ.has_key('HTTP_USER_AGENT'): +if 'HTTP_USER_AGENT' not in os.environ: os.environ['HTTP_USER_AGENT'] = 'NONE' +# Make sure we have a referer +if 'HTTP_REFERER' not in os.environ: + os.environ['HTTP_REFERER'] = 'NONE' + +# Look for TOTP token +if '_osm_totp_token' in cookies: + token = cookies['_osm_totp_token'].value +else: + token = None + # Get the load average cputimes = [float(n) for n in open("/proc/stat").readline().rstrip().split()[1:-1]] idletime = cputimes[3] / sum(cputimes) # Process the request -if idletime < 0.2: +if not totp.verify(token, valid_window = 1): + # Abort if the request didn't have a valid TOTP token + output_error("Missing or invalid token") +elif idletime < 0.2: # Abort if the CPU idle time on the machine is too low output_error("The server is too busy at the moment. Please wait a few minutes before trying again.", "503 Service Unavailable") <% @blocks["user_agents"].each do |user_agent| -%> @@ -71,18 +93,23 @@ elif os.environ['HTTP_USER_AGENT'] == '<%= user_agent %>': # Block scraper output_error("The server is too busy at the moment. Please wait a few minutes before trying again.", "503 Service Unavailable") <% end -%> -elif not form.has_key("bbox"): +<% @blocks["referers"].each do |referer| -%> +elif os.environ['HTTP_REFERER'] == '<%= referer %>': + # Block scraper + output_error("The server is too busy at the moment. Please wait a few minutes before trying again.", "503 Service Unavailable") +<% end -%> +elif "bbox" not in form: # No bounding box specified output_error("No bounding box specified") -elif not form.has_key("scale"): +elif "scale" not in form: # No scale specified output_error("No scale specified") -elif not form.has_key("format"): +elif "format" not in form: # No format specified output_error("No format specified") else: # Create projection object - prj = mapnik.Projection("+proj=merc +a=6378137 +b=6378137 +lat_ts=0.0 +lon_0=0.0 +x_0=0.0 +y_0=0 +k=1.0 +units=m +nadgrids=@null +no_defs +over"); + transformer = pyproj.Transformer.from_crs("EPSG:4326", "EPSG:3857", always_xy=True) # Get the bounds of the area to render bbox = [float(x) for x in form.getvalue("bbox").split(",")] @@ -92,7 +119,8 @@ else: output_error("Invalid bounding box") else: # Project the bounds to the map projection - bbox = mapnik.forward_(mapnik.Box2d(*bbox), prj) + bbox = mapnik.Box2d(*transformer.transform(bbox[0], bbox[1]), + *transformer.transform(bbox[2], bbox[3])) # Get the style to use style = form.getvalue("style", "default") @@ -126,16 +154,17 @@ else: mapnik.render(map, image) png = image.tostring("png") output_headers("image/png", "map.png", len(png)) - sys.stdout.write(png) + sys.stdout.buffer.write(png) elif form.getvalue("format") == "jpeg": image = mapnik.Image(map.width, map.height) mapnik.render(map, image) jpeg = image.tostring("jpeg") output_headers("image/jpeg", "map.jpg", len(jpeg)) - sys.stdout.write(jpeg) + sys.stdout.buffer.write(jpeg) elif form.getvalue("format") == "svg": file = tempfile.NamedTemporaryFile(prefix = "export") surface = cairo.SVGSurface(file.name, map.width, map.height) + surface.restrict_to_version(cairo.SVG_VERSION_1_2) mapnik.render(map, surface) surface.finish() output_headers("image/svg+xml", "map.svg", file_size(file))