fix/supabase and geobase integration #126
Conversation
…base integration - Fix taskOrTasks not being sent to geoai.pipeline() by passing tasks during initialization - Add pipeline caching based on provider and task combinations - Fix race condition in session creation preventing detection results from being saved - Add comprehensive debugging and logging for troubleshooting - Add DatabaseDebugger component for testing database connectivity - Improve error handling and user feedback for authentication issues - Update InteractiveMap to only enable oil tank detection by default to avoid task chaining errors Resolves issues with: - Detection results not being saved to Supabase database - TaskOrTasks parameter not being properly passed to AI pipeline - Session state race conditions during auto-save - Task chaining validation errors with multiple independent tasks
- Add architecture diagrams for both Standard Supabase and Geobase backends - Explain vector tileserver advantages with Geobase - Update setup instructions for both backend options - Document automatic backend detection based on URL - Clarify that Geobase is a backend alternative, not a map provider
|
The latest updates on your projects. Learn more about Vercel for GitHub.
|
![github-advanced-security[bot]](https://avatars.githubusercontent.com/in/57789?s=60&v=4){kind=small}
|
|
||
| try { | ||
| // Determine attribution based on imagery source | ||
| const isOinHotosmImagery = geobaseConfig.cogImageryUrl.includes('oin-hotosm-temp.s3.us-east-1.amazonaws.com'); |
Check failure
Code scanning / CodeQL
Incomplete URL substring sanitization High
Show autofix suggestion
Hide autofix suggestion
Copilot Autofix
AI 9 days ago
To correctly check if the imagery comes from the intended host, first parse the URL in geobaseConfig.cogImageryUrl and then compare its host with 'oin-hotosm-temp.s3.us-east-1.amazonaws.com'. This prevents false matches from substrings embedded elsewhere in the URL (path, query, etc.). You should use the standard URL constructor available in JavaScript/TypeScript to safely extract the host. Replace the substring .includes() test with a direct comparison (equality) or explicit whitelist check of the parsed host.
The region to change is line 459, and possibly a variable definition for the hostname string (either inline or declared above for clarity). No new dependencies are required; the global URL class is available in modern browsers and Node.js.
| @@ -456,8 +456,15 @@ | ||
|
|
||
| try { | ||
| // Determine attribution based on imagery source | ||
| const isOinHotosmImagery = geobaseConfig.cogImageryUrl.includes('oin-hotosm-temp.s3.us-east-1.amazonaws.com'); | ||
| const attribution = isOinHotosmImagery | ||
| let isOinHotosmImagery = false; | ||
| try { | ||
| const urlObj = new URL(geobaseConfig.cogImageryUrl); | ||
| isOinHotosmImagery = urlObj.host === 'oin-hotosm-temp.s3.us-east-1.amazonaws.com'; | ||
| } catch (e) { | ||
| // Invalid URL or parsing error: treat as not OpenAerialMap | ||
| isOinHotosmImagery = false; | ||
| } | ||
| const attribution = isOinHotosmImagery | ||
| ? 'Geobase Backend | © OpenAerialMap contributors' | ||
| : 'Geobase Backend'; | ||
|
|
No description provided.