Hi all,
I was working on a project and noticed that, if I do not provide any keys, an HTTP request is sent to google API.
According to Geocoding Developer's Guide, one of the required parameters in a geocoding request is an API key, or even client ID and digital signature for premium users. That means no request should be sent to google API without any of those parameters.
I do not know much about the conception of this module but, the way it is structured, it seems that it will not be worth to remove the empty option from the authentication method select box, since it is possible to use different third-party services other than google API. I propose that we check if the key/client ID is set right before building the URL to make the request and trigger an watchdog error in case none of those parameters were provided.
N/A.
N/A.
N/A.
N/A.
| Comment | File | Size | Author |
|---|---|---|---|
| #11 | geocoder-google-request-without-key-2954088-11.patch | 1.46 KB | hmdnawaz |
| #6 | geocoder-google-request-without-key-2954088-6.patch | 1.16 KB | noman_297 |
Comments
Comment #2
Guillhermm commentedComment #3
Guillhermm commentedComment #4
Guillhermm commentedComment #5
diego_mow commentedPatch from comment #3 tested and works fine.
TRBC.
Comment #6
noman_297 commentedPatch in comment #3 is updated for 7.x-1.4 line numbers are changed in version 7.x-1.4.
Comment #7
hmdnawaz commentedRerolled the patch for version 7.x-1.4
Comment #8
hmdnawaz commentedComment #9
hmdnawaz commentedComment #10
itamair commentedthis need reroll and new review
Comment #11
hmdnawaz commentedRerolled the patch for version 1.5
Comment #12
hmdnawaz commentedComment #14
itamair commentedthanks @hmdnawaz
Finally committed into dev, I am going to deploy a new 7.x-1.6 release with this ...