tileserver-gl-light 5.4.1-pre.0 → 5.5.0-pre.1

package/src/server.js

@@ -21,6 +21,7 @@ import {
   getTileUrls,
   getPublicUrl,
   isValidHttpUrl,
+  isValidRemoteUrl,
 } from './utils.js';
 
 import { fileURLToPath } from 'url';
@@ -59,7 +60,8 @@ async function start(opts) {
     app.use(
       morgan(logFormat, {
         stream: opts.logFile
-          ? fs.createWriteStream(opts.logFile, { flags: 'a' })
+          ? // eslint-disable-next-line security/detect-non-literal-fs-filename -- logFile is from CLI/config, admin-controlled
+            fs.createWriteStream(opts.logFile, { flags: 'a' })
           : process.stdout,
         skip: (req, res) =>
           opts.silent && (res.statusCode === 200 || res.statusCode === 304),
@@ -72,6 +74,7 @@ async function start(opts) {
   if (opts.configPath) {
     configPath = path.resolve(opts.configPath);
     try {
+      // eslint-disable-next-line security/detect-non-literal-fs-filename -- configPath is from CLI argument, expected behavior
       config = JSON.parse(fs.readFileSync(configPath, 'utf8'));
     } catch (e) {
       console.log('ERROR: Config file not found or invalid!');
@@ -106,8 +109,11 @@ async function start(opts) {
   const startupPromises = [];
 
   for (const type of Object.keys(paths)) {
+    // eslint-disable-next-line security/detect-object-injection -- type is from Object.keys of paths config
+    // eslint-disable-next-line security/detect-non-literal-fs-filename, security/detect-object-injection -- paths[type] constructed from validated config paths
     if (!fs.existsSync(paths[type])) {
       console.error(
+        // eslint-disable-next-line security/detect-object-injection -- type is from Object.keys of paths config
         `The specified path for "${type}" does not exist (${paths[type]}).`,
       );
       process.exit(1);
@@ -122,6 +128,7 @@ async function start(opts) {
    */
   async function getFiles(directory) {
     // Fetch all entries of the directory and attach type information
+    // eslint-disable-next-line security/detect-non-literal-fs-filename -- directory is constructed from validated config paths
     const dirEntries = await fs.promises.readdir(directory, {
       withFileTypes: true,
     });
@@ -150,10 +157,13 @@ async function start(opts) {
 
   if (options.dataDecorator) {
     try {
+      // eslint-disable-next-line security/detect-non-literal-require -- dataDecorator path is from config file, admin-controlled
       options.dataDecoratorFunc = require(
         path.resolve(paths.root, options.dataDecorator),
       );
-    } catch (e) {}
+    } catch (e) {
+      // Silently fail if dataDecorator cannot be loaded
+    }
   }
 
   const data = clone(config.data || {});
@@ -178,13 +188,14 @@ async function start(opts) {
    * @param {object} item - The style configuration object.
    * @param {boolean} allowMoreData - Whether to allow adding more data sources.
    * @param {boolean} reportFonts - Whether to report fonts.
-   * @returns {Promise<void>}
+   * @returns {Promise<boolean>} - Returns true if successful, false otherwise.
    */
   async function addStyle(id, item, allowMoreData, reportFonts) {
     let success = true;
 
     let styleJSON;
     try {
+      // Style files should only be HTTP/HTTPS, not S3
       if (isValidHttpUrl(item.style)) {
         const res = await fetch(item.style);
         if (!res.ok) {
@@ -193,6 +204,7 @@ async function start(opts) {
         styleJSON = await res.json();
       } else {
         const styleFile = path.resolve(options.paths.styles, item.style);
+        // eslint-disable-next-line security/detect-non-literal-fs-filename -- styleFile constructed from config base path and style name
         const styleFileData = await fs.promises.readFile(styleFile);
         styleJSON = JSON.parse(styleFileData);
       }
@@ -212,11 +224,14 @@ async function start(opts) {
         (styleSourceId, protocol) => {
           let dataItemId;
           for (const id of Object.keys(data)) {
+            // eslint-disable-next-line security/detect-object-injection -- id is from Object.keys of data config
             if (id === styleSourceId) {
               // Style id was found in data ids, return that id
               dataItemId = id;
             } else {
+              // eslint-disable-next-line security/detect-object-injection -- id is from Object.keys of data config
               const fileType = Object.keys(data[id])[0];
+              // eslint-disable-next-line security/detect-object-injection -- id is from Object.keys of data config, fileType is from Object.keys
               if (data[id][fileType] === styleSourceId) {
                 // Style id was found in data filename, return the id that filename belong to
                 dataItemId = id;
@@ -236,12 +251,15 @@ async function start(opts) {
               let id =
                 styleSourceId.substr(0, styleSourceId.lastIndexOf('.')) ||
                 styleSourceId;
-              if (isValidHttpUrl(styleSourceId)) {
+              // PMTiles can be remote URLs (HTTP or S3), generate unique ID for remote sources
+              if (isValidRemoteUrl(styleSourceId)) {
                 id =
                   fnv1a(styleSourceId) + '_' + id.replace(/^.*\/(.*)$/, '$1');
               }
+              // eslint-disable-next-line security/detect-object-injection -- id is being checked for existence before modification
               while (data[id]) id += '_'; //if the data source id already exists, add a "_" untill it doesn't
               //Add the new data source to the data array.
+              // eslint-disable-next-line security/detect-object-injection -- id is constructed above to be unique
               data[id] = {
                 [protocol]: styleSourceId,
               };
@@ -252,6 +270,7 @@ async function start(opts) {
         },
         (font) => {
           if (reportFonts) {
+            // eslint-disable-next-line security/detect-object-injection -- font is font name from style
             serving.fonts[font] = true;
           }
         },
@@ -271,8 +290,12 @@ async function start(opts) {
               let resolvedFileType;
               let resolvedInputFile;
               let resolvedSparse = false;
+              let resolvedS3Profile;
+              let resolvedRequestPayer;
+              let resolvedS3Region;
 
               for (const id of Object.keys(data)) {
+                // eslint-disable-next-line security/detect-object-injection -- id is from Object.keys of data config
                 const sourceData = data[id];
                 let currentFileType;
                 let currentInputFileValue;
@@ -295,13 +318,28 @@ async function start(opts) {
                     resolvedFileType = currentFileType;
                     resolvedInputFile = currentInputFileValue;
 
-                    // Get sparse flag specifically from this matching source
-                    // Default to false if 'sparse' key doesn't exist or is falsy in a boolean context
+                    // Get sparse if present
                     if (sourceData.hasOwnProperty('sparse')) {
-                      resolvedSparse = !!sourceData.sparse; // Ensure boolean
+                      resolvedSparse = !!sourceData.sparse;
                     } else {
-                      resolvedSparse = false; // Explicitly set default if not present on item
+                      resolvedSparse = false;
+                    }
+
+                    // Get s3Profile if present
+                    if (sourceData.hasOwnProperty('s3Profile')) {
+                      resolvedS3Profile = sourceData.s3Profile;
+                    }
+
+                    // Get requestPayer if present
+                    if (sourceData.hasOwnProperty('requestPayer')) {
+                      resolvedRequestPayer = !!sourceData.requestPayer;
+                    }
+
+                    // Get s3Region if present
+                    if (sourceData.hasOwnProperty('s3Region')) {
+                      resolvedS3Region = sourceData.s3Region;
                     }
+
                     break; // Found our match, exit the outer loop
                   }
                 }
@@ -316,17 +354,23 @@ async function start(opts) {
                   inputFile: undefined,
                   fileType: undefined,
                   sparse: false,
+                  s3Profile: undefined,
+                  requestPayer: false,
+                  s3Region: undefined,
                 };
               }
 
-              if (!isValidHttpUrl(resolvedInputFile)) {
+              // PMTiles supports remote URLs (HTTP and S3), skip path resolution for those
+              if (!isValidRemoteUrl(resolvedInputFile)) {
                 // Ensure options.paths and options.paths[resolvedFileType] exist before trying to use them
                 if (
                   options &&
                   options.paths &&
+                  // eslint-disable-next-line security/detect-object-injection -- resolvedFileType is either 'pmtiles' or 'mbtiles'
                   options.paths[resolvedFileType]
                 ) {
                   resolvedInputFile = path.resolve(
+                    // eslint-disable-next-line security/detect-object-injection -- resolvedFileType is either 'pmtiles' or 'mbtiles'
                     options.paths[resolvedFileType],
                     resolvedInputFile,
                   );
@@ -341,6 +385,9 @@ async function start(opts) {
                 inputFile: resolvedInputFile,
                 fileType: resolvedFileType,
                 sparse: resolvedSparse,
+                s3Profile: resolvedS3Profile,
+                requestPayer: resolvedRequestPayer,
+                s3Region: resolvedS3Region,
               };
             },
           ),
@@ -353,6 +400,7 @@ async function start(opts) {
   }
 
   for (const id of Object.keys(config.styles || {})) {
+    // eslint-disable-next-line security/detect-object-injection -- id is from Object.keys of config.styles
     const item = config.styles[id];
     if (!item.style || item.style.length === 0) {
       console.log(`Missing "style" property for ${id}`);
@@ -366,7 +414,9 @@ async function start(opts) {
     }),
   );
   for (const id of Object.keys(data)) {
+    // eslint-disable-next-line security/detect-object-injection -- id is from Object.keys of data config
     const item = data[id];
+    // eslint-disable-next-line security/detect-object-injection -- id is from Object.keys of data config
     const fileType = Object.keys(data[id])[0];
     if (!fileType || !(fileType === 'pmtiles' || fileType === 'mbtiles')) {
       console.log(
@@ -377,6 +427,7 @@ async function start(opts) {
     startupPromises.push(serve_data.add(options, serving.data, item, id, opts));
   }
   if (options.serveAllStyles) {
+    // eslint-disable-next-line security/detect-non-literal-fs-filename -- options.paths.styles is from validated config
     fs.readdir(options.paths.styles, { withFileTypes: true }, (err, files) => {
       if (err) {
         return;
@@ -419,6 +470,7 @@ async function start(opts) {
    * Handles requests for a list of available styles.
    * @param {object} req - Express request object.
    * @param {object} res - Express response object.
+   * @param {object} next - Express next middleware function.
    * @param {string} [req.query.key] - Optional API key.
    * @returns {void}
    */
@@ -428,6 +480,7 @@ async function start(opts) {
       ? `?key=${encodeURIComponent(req.query.key)}`
       : '';
     for (const id of Object.keys(serving.styles)) {
+      // eslint-disable-next-line security/detect-object-injection -- id is from Object.keys of serving.styles
       const styleJSON = serving.styles[id].styleJSON;
       result.push({
         version: styleJSON.version,
@@ -451,7 +504,9 @@ async function start(opts) {
    * @returns {Array} - An array of TileJSON objects.
    */
   function addTileJSONs(arr, req, type, tileSize) {
+    // eslint-disable-next-line security/detect-object-injection -- type is 'rendered' or 'data', validated by caller
     for (const id of Object.keys(serving[type])) {
+      // eslint-disable-next-line security/detect-object-injection -- type is 'rendered' or 'data', id is from Object.keys
       const info = clone(serving[type][id].tileJSON);
       let path = '';
       if (type === 'rendered') {
@@ -479,6 +534,7 @@ async function start(opts) {
    * Handles requests for a rendered tilejson endpoint.
    * @param {object} req - Express request object.
    * @param {object} res - Express response object.
+   * @param {object} next - Express next middleware function.
    * @param {string} req.params.tileSize - Optional tile size parameter.
    * @returns {void}
    */
@@ -501,6 +557,7 @@ async function start(opts) {
    * Handles requests for a combined rendered and data tilejson endpoint.
    * @param {object} req - Express request object.
    * @param {object} res - Express response object.
+   * @param {object} next - Express next middleware function.
    * @param {string} req.params.tileSize - Optional tile size parameter.
    * @returns {void}
    */
@@ -526,8 +583,8 @@ async function start(opts) {
    * Serves a Handlebars template.
    * @param {string} urlPath - The URL path to serve the template at
    * @param {string} template - The name of the template file
-   * @param {Function} dataGetter - A function to get data to be passed to the template.
-   *  @returns {void}
+   * @param {(req: object) => object|null} dataGetter - A function to get data to be passed to the template.
+   * @returns {void}
    */
   function serveTemplate(urlPath, template, dataGetter) {
     let templateFile = `${templates}/${template}.tmpl`;
@@ -542,6 +599,7 @@ async function start(opts) {
       }
     }
     try {
+      // eslint-disable-next-line security/detect-non-literal-fs-filename -- templateFile is from internal templates or config-specified path
       const content = fs.readFileSync(templateFile, 'utf-8');
       const compiled = handlebars.compile(content.toString());
       app.get(urlPath, (req, res, next) => {
@@ -581,15 +639,17 @@ async function start(opts) {
   /**
    * Handles requests for the index page, providing a list of available styles and data.
    * @param {object} req - Express request object.
-   * @param {object} res - Express response object.
-   * @returns {void}
+   * @returns {object|null} Template data object or null
    */
   serveTemplate('/', 'index', (req) => {
     let styles = {};
     for (const id of Object.keys(serving.styles || {})) {
       let style = {
+        // eslint-disable-next-line security/detect-object-injection -- id is from Object.keys of serving.styles
         ...serving.styles[id],
+        // eslint-disable-next-line security/detect-object-injection -- id is from Object.keys of serving.styles
         serving_data: serving.styles[id],
+        // eslint-disable-next-line security/detect-object-injection -- id is from Object.keys of serving.styles
         serving_rendered: serving.rendered[id],
       };
 
@@ -618,12 +678,15 @@ async function start(opts) {
         )[0];
       }
 
+      // eslint-disable-next-line security/detect-object-injection -- id is from Object.keys of serving.styles
       styles[id] = style;
     }
     let datas = {};
     for (const id of Object.keys(serving.data || {})) {
+      // eslint-disable-next-line security/detect-object-injection -- id is from Object.keys of serving.data
       let data = Object.assign({}, serving.data[id]);
 
+      // eslint-disable-next-line security/detect-object-injection -- id is from Object.keys of serving.data
       const { tileJSON } = serving.data[id];
       const { center } = tileJSON;
 
@@ -682,6 +745,7 @@ async function start(opts) {
         }
         data.formatted_filesize = `${size.toFixed(2)} ${suffix}`;
       }
+      // eslint-disable-next-line security/detect-object-injection -- id is from Object.keys of serving.data
       datas[id] = data;
     }
     return {
@@ -693,12 +757,11 @@ async function start(opts) {
   /**
    * Handles requests for a map viewer template for a specific style.
    * @param {object} req - Express request object.
-   * @param {object} res - Express response object.
-   * @param {string} req.params.id - ID of the style.
-   * @returns {void}
+   * @returns {object|null} Template data object or null
    */
   serveTemplate('/styles/:id/', 'viewer', (req) => {
     const { id } = req.params;
+    // eslint-disable-next-line security/detect-object-injection -- id is route parameter from URL
     const style = clone(((serving.styles || {})[id] || {}).styleJSON);
 
     if (!style) {
@@ -707,8 +770,11 @@ async function start(opts) {
     return {
       ...style,
       id,
+      // eslint-disable-next-line security/detect-object-injection -- id is route parameter from URL
       name: (serving.styles[id] || serving.rendered[id]).name,
+      // eslint-disable-next-line security/detect-object-injection -- id is route parameter from URL
       serving_data: serving.styles[id],
+      // eslint-disable-next-line security/detect-object-injection -- id is route parameter from URL
       serving_rendered: serving.rendered[id],
     };
   });
@@ -716,12 +782,11 @@ async function start(opts) {
   /**
    * Handles requests for a Web Map Tile Service (WMTS) XML template.
    * @param {object} req - Express request object.
-   * @param {object} res - Express response object.
-   * @param {string} req.params.id - ID of the style.
-   * @returns {void}
+   * @returns {object|null} Template data object or null
    */
   serveTemplate('/styles/:id/wmts.xml', 'wmts', (req) => {
     const { id } = req.params;
+    // eslint-disable-next-line security/detect-object-injection -- id is route parameter from URL
     const wmts = clone((serving.styles || {})[id]);
 
     if (!wmts) {
@@ -746,6 +811,7 @@ async function start(opts) {
     return {
       ...wmts,
       id,
+      // eslint-disable-next-line security/detect-object-injection -- id is route parameter from URL
       name: (serving.styles[id] || serving.rendered[id]).name,
       baseUrl,
     };
@@ -754,13 +820,11 @@ async function start(opts) {
   /**
    * Handles requests for a data view template for a specific data source.
    * @param {object} req - Express request object.
-   * @param {object} res - Express response object.
-   * @param {string} req.params.id - ID of the data source.
-   * @param {string} [req.params.view] - Optional view type.
-   * @returns {void}
+   * @returns {object|null} Template data object or null
    */
   serveTemplate('/data{/:view}/:id/', 'data', (req) => {
     const { id, view } = req.params;
+    // eslint-disable-next-line security/detect-object-injection -- id is route parameter from URL
     const data = serving.data[id];
 
     if (!data) {
@@ -806,14 +870,40 @@ async function start(opts) {
     process.env.PORT || opts.port,
     process.env.BIND || opts.bind,
     function () {
-      let address = this.address().address;
+      const addressInfo = this.address();
+
+      if (!addressInfo) {
+        console.error('Failed to bind to port');
+        return;
+      }
+
+      let address = addressInfo.address;
       if (address.indexOf('::') === 0) {
         address = `[${address}]`; // literal IPv6 address
       }
-      console.log(`Listening at http://${address}:${this.address().port}/`);
+      console.log(`Listening at http://${address}:${addressInfo.port}/`);
     },
   );
 
+  // Handle server errors
+  server.on('error', (err) => {
+    const port = process.env.PORT || opts.port;
+    if (err.code === 'EADDRINUSE') {
+      console.error(`ERROR: Port ${port} is already in use.`);
+      console.error(`Please choose a different port with -p or --port option.`);
+      process.exit(1);
+    } else if (err.code === 'EACCES') {
+      console.error(`ERROR: Permission denied to bind to port ${port}.`);
+      console.error(
+        `Try using a port number above 1024 or run with appropriate permissions.`,
+      );
+      process.exit(1);
+    } else {
+      console.error('Server error:', err.message);
+      process.exit(1);
+    }
+  });
+
   // add server.shutdown() to gracefully stop serving
   enableShutdown(server);
 

package/src/utils.js

@@ -9,18 +9,23 @@ import { existsP } from './promises.js';
 import { getPMtilesTile } from './pmtiles_adapter.js';
 
 export const allowedSpriteFormats = allowedOptions(['png', 'json']);
-
 export const allowedTileSizes = allowedOptions(['256', '512']);
+export const httpTester = /^https?:\/\//i;
+export const s3Tester = /^s3:\/\//i; // Plain AWS S3 format
+export const s3HttpTester = /^s3\+https?:\/\//i; // S3-compatible with custom endpoint
+export const pmtilesTester = /^pmtiles:\/\//i;
+export const mbtilesTester = /^mbtiles:\/\//i;
 
 /**
  * Restrict user input to an allowed set of options.
  * @param {string[]} opts - An array of allowed option strings.
  * @param {object} [config] - Optional configuration object.
  * @param {string} [config.defaultValue] - The default value to return if input doesn't match.
- * @returns {function(string): string} - A function that takes a value and returns it if valid or a default.
+ * @returns {(value: string) => string} - A function that takes a value and returns it if valid or a default.
  */
 export function allowedOptions(opts, { defaultValue } = {}) {
   const values = Object.fromEntries(opts.map((key) => [key, key]));
+  // eslint-disable-next-line security/detect-object-injection -- value is checked against allowed opts keys
   return (value) => values[value] || defaultValue;
 }
 
@@ -35,7 +40,7 @@ export function allowedScales(scale, maxScale = 9) {
     return 1;
   }
 
-  // eslint-disable-next-line security/detect-non-literal-regexp
+  // eslint-disable-next-line security/detect-non-literal-regexp -- maxScale is a number parameter, not user input
   const regex = new RegExp(`^[2-${maxScale}]x$`);
   if (!regex.test(scale)) {
     return null;
@@ -156,6 +161,7 @@ export function getTileUrls(
     const hostParts = urlObject.host.split('.');
     const relativeSubdomainsUsable =
       hostParts.length > 1 &&
+      // eslint-disable-next-line security/detect-unsafe-regex -- Simple IPv4 validation, no nested quantifiers
       !/^([0-9]{1,3}\.){3}[0-9]{1,3}(\:[0-9]+)?$/.test(urlObject.host);
     const newDomains = [];
     for (const domain of domains) {
@@ -184,7 +190,9 @@ export function getTileUrls(
   }
   const query = queryParams.length > 0 ? `?${queryParams.join('&')}` : '';
 
+  // eslint-disable-next-line security/detect-object-injection -- format is validated format string from tileJSON
   if (aliases && aliases[format]) {
+    // eslint-disable-next-line security/detect-object-injection -- format is validated format string from tileJSON
     format = aliases[format];
   }
 
@@ -245,7 +253,7 @@ export function fixTileJSONCenter(tileJSON) {
 export function readFile(filename) {
   return new Promise((resolve, reject) => {
     const sanitizedFilename = path.normalize(filename); // Normalize path, remove ..
-    // eslint-disable-next-line security/detect-non-literal-fs-filename
+    // eslint-disable-next-line security/detect-non-literal-fs-filename -- filename is normalized and validated by caller
     fs.readFile(String(sanitizedFilename), (err, data) => {
       if (err) {
         reject(err);
@@ -266,6 +274,7 @@ export function readFile(filename) {
  * @returns {Promise<Buffer>} A promise that resolves with the font data Buffer or rejects with an error.
  */
 async function getFontPbf(allowedFonts, fontPath, name, range, fallbacks) {
+  // eslint-disable-next-line security/detect-object-injection -- name is validated font name from sanitizedName check
   if (!allowedFonts || (allowedFonts[name] && fallbacks)) {
     const fontMatch = name?.match(/^[\p{L}\p{N} \-\.~!*'()@&=+,#$\[\]]+$/u);
     const sanitizedName = fontMatch?.[0] || 'invalid';
@@ -295,6 +304,7 @@ async function getFontPbf(allowedFonts, fontPath, name, range, fallbacks) {
     if (!fallbacks) {
       fallbacks = clone(allowedFonts || {});
     }
+    // eslint-disable-next-line security/detect-object-injection -- name is validated font name
     delete fallbacks[name];
 
     try {
@@ -314,8 +324,10 @@ async function getFontPbf(allowedFonts, fontPath, name, range, fallbacks) {
           fontStyle = 'Regular';
         }
         fallbackName = `Noto Sans ${fontStyle}`;
+        // eslint-disable-next-line security/detect-object-injection -- fallbackName is constructed from validated font style
         if (!fallbacks[fallbackName]) {
           fallbackName = `Open Sans ${fontStyle}`;
+          // eslint-disable-next-line security/detect-object-injection -- fallbackName is constructed from validated font style
           if (!fallbacks[fallbackName]) {
             fallbackName = Object.keys(fallbacks)[0];
           }
@@ -325,6 +337,7 @@ async function getFontPbf(allowedFonts, fontPath, name, range, fallbacks) {
           fallbackName,
           sanitizedName,
         );
+        // eslint-disable-next-line security/detect-object-injection -- fallbackName is constructed from validated font style
         delete fallbacks[fallbackName];
         return getFontPbf(null, fontPath, fallbackName, range, fallbacks);
       } else {
@@ -377,13 +390,16 @@ export async function getFontsPbf(
 export async function listFonts(fontPath) {
   const existingFonts = {};
 
+  // eslint-disable-next-line security/detect-non-literal-fs-filename -- fontPath is from validated config
   const files = await fsPromises.readdir(fontPath);
   for (const file of files) {
+    // eslint-disable-next-line security/detect-non-literal-fs-filename -- file is from readdir of validated fontPath
     const stats = await fsPromises.stat(path.join(fontPath, file));
     if (
       stats.isDirectory() &&
       (await existsP(path.join(fontPath, file, '0-255.pbf')))
     ) {
+      // eslint-disable-next-line security/detect-object-injection -- file is from readdir, used as font name key
       existingFonts[path.basename(file)] = true;
     }
   }
@@ -392,20 +408,72 @@ export async function listFonts(fontPath) {
 }
 
 /**
- * Checks if a string is a valid HTTP or HTTPS URL.
- * @param {string} string - The string to validate.
- * @returns {boolean} True if the string is a valid HTTP/HTTPS URL, false otherwise.
+ * Checks if a string is a valid HTTP/HTTPS URL.
+ * @param {string} string - The string to check.
+ * @returns {boolean} - True if the string is a valid HTTP/HTTPS URL.
  */
 export function isValidHttpUrl(string) {
-  let url;
+  try {
+    return httpTester.test(string);
+  } catch (e) {
+    return false;
+  }
+}
+
+/**
+ * Checks if a string is a valid S3 URL.
+ * @param {string} string - The string to check.
+ * @returns {boolean} - True if the string is a valid S3 URL.
+ */
+export function isS3Url(string) {
+  try {
+    return s3Tester.test(string) || s3HttpTester.test(string);
+  } catch (e) {
+    return false;
+  }
+}
+
+/**
+ * Checks if a string is a valid remote URL (HTTP, HTTPS, or S3).
+ * @param {string} string - The string to check.
+ * @returns {boolean} - True if the string is a valid remote URL.
+ */
+export function isValidRemoteUrl(string) {
+  try {
+    return (
+      httpTester.test(string) ||
+      s3Tester.test(string) ||
+      s3HttpTester.test(string)
+    );
+  } catch (e) {
+    return false;
+  }
+}
 
+/**
+ * Checks if a string uses the pmtiles:// protocol.
+ * @param {string} string - The string to check.
+ * @returns {boolean} - True if the string uses pmtiles:// protocol.
+ */
+export function isPMTilesProtocol(string) {
   try {
-    url = new URL(string);
-  } catch (_) {
+    return pmtilesTester.test(string);
+  } catch (e) {
     return false;
   }
+}
 
-  return url.protocol === 'http:' || url.protocol === 'https:';
+/**
+ * Checks if a string uses the mbtiles:// protocol.
+ * @param {string} string - The string to check.
+ * @returns {boolean} - True if the string uses mbtiles:// protocol.
+ */
+export function isMBTilesProtocol(string) {
+  try {
+    return mbtilesTester.test(string);
+  } catch (e) {
+    return false;
+  }
 }
 
 /**