http://localhost:3006/swagger-ui/index.html serves Swagger Petstore. Can this be disabled?

[leoherbie]

Navigating to http://localhost:3006/swagger-ui/index.html serves up the sample Swagger Petstore apis. Can these be disabled? I did not see any reference to the petstore within your codebase so perhaps this option does not exist just yet. Thanks so much.

Here is a stackoverflow that may be helpful:

https://stackoverflow.com/questions/49515713/remove-petstore-spec-when-starting-swagger-editor

[springdoc]

Hi,

We rely on swagger-ui official webjars. We build our library on top of it.
The index.html is available inside the webjar and it contains a JS call to https://petstore.swagger.io/v2/swagger.json, if url parameter is absent.
You can submit an enhancement on the swagger-ui project:

• https://github.com/swagger-api/swagger-ui/issues

Also, you can rebuild the webjars for your own needs, if you don't want to have any reference to petsotre.
Please, note that in the normal behavior, users will have access to index.html without query parameters, only if they remove the url query parameter manually.

[leoherbie]

I figured as much. I just wondered if there was a way to prevent it from being served or available. Sounds like there isn't. Bummer.

[StephGit]

Hi @leoherbie, we use the following workaround to prevent serving petstore:

@Configuration
public class SpringdocSwaggerFix implements WebMvcConfigurer {

  @Override
  public void addResourceHandlers(ResourceHandlerRegistry registry) {
    registry.addResourceHandler("/**/*.html")
        .addResourceLocations("classpath:/META-INF/resources/webjars/")
        .resourceChain(false)
        .addResolver(new WebJarsResourceResolver())
        .addResolver(new PathResourceResolver())
        .addTransformer(new IndexPageTransformer());
  }

  public class IndexPageTransformer implements ResourceTransformer {
    @Override
    public Resource transform(HttpServletRequest request, Resource resource,
                              ResourceTransformerChain transformerChain) throws IOException {
      if (resource.getURL().toString().endsWith("/index.html")) {
        String html = getHtmlContent(resource);
        html = overwritePetStore(html);
        return new TransformedResource(resource, html.getBytes());
      } else {
        return resource;
      }
    }

    private String overwritePetStore(String html) {
      return html.replace("https://petstore.swagger.io/v2/swagger.json",
          "/v3/api-docs");
    }
}

[anksngp]

Hi @StephGit I tried the way you have mentioned in the above comment, can you also post the contents of the method getHtmlContent

[StephGit]

Hi @anksngp

Sure:

private String getHtmlContent(Resource resource) {
      try {
        InputStream inputStream = resource.getInputStream();
        java.util.Scanner s = new java.util.Scanner(inputStream).useDelimiter("\\A");
        String content = s.next();
        inputStream.close();
        return content;
      } catch (IOException e) {
        throw new RuntimeException(e); 
      }
}

[Andrew3431]

Hi @StephGit , @bnasslahsen

When trying the above snippet I noticed that, the newly generated swagger document on calling just localhost:8080/swagger/swagger-ui/index.html (after replacing https://petstore.swagger.io/v2/swagger.json with v3/api-docs) does not have the application-properties that were set on swagger document like

springdoc.swagger-ui.doc-expansion=none
springdoc.swagger-ui.operationsSorter=alpha
springdoc.swagger-ui.tagsSorter=alpha

Is there any way to get the properties applied to swagger document as well ?
P.S. On calling the complete url http://localhost:8080/swagger/swagger-ui/index.html?configUrl=/v3/api-docs/swagger-config#/ the application properties are applied to the swagger document.

[thlaegler]

I'm using custom pathes for Swagger-UI and api-docs and to following application.yaml solved this issue for me (without using any of the above Workarounds):

springdoc:
  api-docs:
    enabled: true
    path: '/my/custom/path/api-docs'
  swagger-ui:
    path: '/my/custom/path/swagger-ui'
    configUrl: '/my/custom/path/api-docs/swagger-config'
    urls:
    - name: My Custom API
      url: '/my/custom/path/api-docs'

Note the list of URLs under springdoc.swagger-ui.urls since I have multiple api-docs. If you just have one, replace the urls-part with:
springdoc.swagger-ui.url='/my/custom/path/api-docs'

[shasureshkumar]

I'm using custom pathes for Swagger-UI and api-docs and to following application.yaml solved this issue for me (without using any of the above Workarounds):

springdoc:
  api-docs:
    enabled: true
    path: '/my/custom/path/api-docs'
  swagger-ui:
    path: '/my/custom/path/swagger-ui'
    configUrl: '/my/custom/path/api-docs/swagger-config'
    urls:
    - name: My Custom API
      url: '/my/custom/path/api-docs'

Note the list of URLs under springdoc.swagger-ui.urls since I have multiple api-docs. If you just have one, replace the urls-part with:
springdoc.swagger-ui.url='/my/custom/path/api-docs'

its not working for me, my configuration is as follows

springdoc:
  api-docs:
    enabled: true
    path: /v3/api-docs
  swagger-ui:
    path: /swagger-ui.html
    display-request-duration: false
    tags-sorter: alpha
    operations-sorter: alpha
    defaultModelRendering: example
    doc-expansion: none
    config-url: /v3/api-docs/swagger-config
    url: /v3/api-docs

and as a dependency I am using the below

<dependency>
      <groupId>org.springdoc</groupId>
      <artifactId>springdoc-openapi-ui</artifactId>
      <version>1.3.9</version>
    </dependency>
    <dependency>
      <groupId>io.swagger.core.v3</groupId>
      <artifactId>swagger-annotations</artifactId>
      <version>2.1.2</version>
    </dependency>

[SledgeHammer01]

Hi @leoherbie, we use the following workaround to prevent serving petstore:

@Configuration
public class SpringdocSwaggerFix implements WebMvcConfigurer {

  @Override
  public void addResourceHandlers(ResourceHandlerRegistry registry) {
    registry.addResourceHandler("/**/*.html")
        .addResourceLocations("classpath:/META-INF/resources/webjars/")
        .resourceChain(false)
        .addResolver(new WebJarsResourceResolver())
        .addResolver(new PathResourceResolver())
        .addTransformer(new IndexPageTransformer());
  }

  public class IndexPageTransformer implements ResourceTransformer {
    @Override
    public Resource transform(HttpServletRequest request, Resource resource,
                              ResourceTransformerChain transformerChain) throws IOException {
      if (resource.getURL().toString().endsWith("/index.html")) {
        String html = getHtmlContent(resource);
        html = overwritePetStore(html);
        return new TransformedResource(resource, html.getBytes());
      } else {
        return resource;
      }
    }

    private String overwritePetStore(String html) {
      return html.replace("https://petstore.swagger.io/v2/swagger.json",
          "/v3/api-docs");
    }
}

I found this issue. Beware. Checking for ending with /index.html is not enough to disable petstore. You can get there with:

/swagger-ui/index.html?configUrl=

and a few other patterns I've found as well.

[bnasslahsen]

@SledgeHammer01

To disable the swagger-ui default petstore url, just use the following property:

springdoc.swagger-ui.disable-swagger-default-url=true

More details, are available on the springdoc-openapi properties list:

• https://springdoc.org/springdoc-properties.html

[schrek1]

StephGit's solution works better, because it replaces default page. Instead disabling by config file (disable-swagger-default-url) which makes page look like broken swagger page...

[schrek1]

should be option available for replace default page instead

[thlaegler]

It's also noteworthy that there is a difference between http://localhost:8085/swagger-ui/index.html and http://localhost:8085/swagger-ui.html. The latter URL redirects to the former URL (the actual swagger-ui) with the configured configUrl-parameter e.g. http://localhost:8085/swagger-ui/index.html?configUrl=/v3/api-docs/swagger-config