swagger-api/swagger-ui

Prevent escaping html in path params?

chriskessel opened this issue · 9 comments

I'm using Swagger via the built-in threescale (API service provider) stuff, so I'm not sure which UI version that maps to. I'm telling my code to generate Swagger 2.0.

I've got a REST entry point that takes an "itemID" parameter and that ID has forward slash (/) characters in it. It looks something like this: 2015/09/30/14/41/18/681/mfq15U. I've defined the @path regex to interpret that as one param, not a bunch of little ones.

The problem is that when I use the Swagger UI and put 2015/09/30/14/41/18/681/mfq15U into the "itemId" text box and then click "Try it out!", it HTML-escapes all the / characters and ends up creating an invalid request that looks like:

https:/foobar.com/2015%2F09%2F30%2F14%2F41%2F18%2F681%2Fmfq15U

Whereas I need it to look like this:

https://foobar.com/2015/09/30/14/41/18/681/mfq15U

Is there some way I can configure swagger UI to not escape those characters?

Take a look here:

swagger-api/swagger-js#280

You'll have to undo that commit. It's not a configuration, but we could make it so with a PR if you'd like to tackle it.

Sorry for the late comment, but we had the same problem and I want to share the solution.
The solution is to change the regexp on @path on the REST endpoint in Java to {path:[a-zA-Z0-9_/%-]*}.
This will enable the sending of a path through Swagger; Swagger encodes the path but JAX-RS will decode it for you.

Were you able to solve this issue?

This should no longer be an issue with the new UI.

I have downloaded swagger-ui-3.4.4, but I am still running into this problem.
Is there a specific version that I need to download to prevent escaping html in my path params?

@webron can correct me as he loves to do, but I think what you're after is illegal in the OAS specification. Allowing a forward slash in your path parameter will effectively create a new operation (in the OAS world) and make your request indeterministic. So I don't expect that you'll get this addressed in swagger-ui.

I think in the 2.x branch there was a hack that allowed people to do this--it did make the behavior illegal wrt the spec though.
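Added example, not part of the original thread and not swagger-js code: a sketch of the two encodings discussed above, using the item ID from the issue. `fillPath` and `decodeParam` are hypothetical helper names; the "segments" mode is an assumption about what an opt-out could look like, with a check for path pieces that would let a value select a different route.

```javascript
// Hypothetical helpers for illustration; not the swagger-js implementation.

// Fill {name} placeholders in a path template.
//   mode "strict":   the value is one path segment, so "/" becomes %2F
//   mode "segments": "/" stays a separator, each piece is still encoded
function fillPath(template, params, mode = 'strict') {
  return template.replace(/\{([^}]+)\}/g, (match, name) => {
    if (!Object.prototype.hasOwnProperty.call(params, name)) {
      throw new Error(`missing path parameter: ${name}`);
    }
    const value = String(params[name]);
    if (mode === 'strict') {
      return encodeURIComponent(value);
    }
    const pieces = value.split('/');
    for (const piece of pieces) {
      // Empty, "." and ".." pieces can be normalised away by a proxy or
      // server, so the request could match a different operation.
      if (piece === '' || piece === '.' || piece === '..') {
        throw new Error(`unsafe segment in ${name}: ${JSON.stringify(piece)}`);
      }
    }
    return pieces.map(encodeURIComponent).join('/');
  });
}

// Server side of the workaround: the route pattern accepts "%" and the
// framework decodes the captured value exactly once.
function decodeParam(raw) {
  return decodeURIComponent(raw);
}

const id = '2015/09/30/14/41/18/681/mfq15U'; // item ID quoted in the issue

const strictPath = fillPath('/{itemId}', { itemId: id });
const segmentPath = fillPath('/{itemId}', { itemId: id }, 'segments');

console.log(strictPath);                           // slashes sent as %2F
console.log(segmentPath);                          // slashes kept literal
console.log(decodeParam(strictPath.slice(1)) === id); // round trip on server
```

In strict mode the value can never add or remove path segments, which is what keeps the request bound to a single operation; the segments mode gives that up and has to compensate with the explicit piece check.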

I don't necessarily need the user to input a slash;

I would have text that goes like this in the textbox by default:
{param0:{'accountName':'sample'}

Where the accountName value can be changed by the user to query the specific ones.

At the moment, when I hit the execute button, this text box value translates to %7Bparam0%3A%7B'accountName'%3A'sample'%7D

Any workarounds will be really helpful.

@SriramZafin it would be better if you filed a new ticket, following the issue template to provide the details.

#3915

Created this ticket, please have a look.