New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Swagger-UI schemes error on HTTPS #149

Closed
trestletech opened this Issue Jul 27, 2017 · 2 comments

Comments

Projects
None yet
1 participant
@trestletech
Owner

trestletech commented Jul 27, 2017

The page shows an error button at the bottom. Clicking on that opens a new page with this message:

We're using the window.location.protocol which has a colon at the end which is a problem. There may be other issues, too.

{"schemaValidationMessages":[{"level":"error","message":"Can't read from file https://rsc.radixu.com/content/1938/swagger.json?schemes=https:"}]}

@trestletech

This comment has been minimized.

Show comment
Hide comment
@trestletech

trestletech Jul 27, 2017

Owner

Also, the values need to be URL-encoded when sent as query strings.

Owner

trestletech commented Jul 27, 2017

Also, the values need to be URL-encoded when sent as query strings.

@trestletech trestletech added this to the v0.4.4 milestone Oct 16, 2017

@trestletech

This comment has been minimized.

Show comment
Hide comment
@trestletech

trestletech Oct 16, 2017

Owner

It turns out this was not due (only) to the schema validation errors, though there were a few. The error was actually coming from the fact that Swagger by default uses a hosted schema validator which has to remotely access the swagger definition file in order to validate it. This means that if your Swagger definition restricted access, then the hosted instance would not be able to access/validate it, resulting in this error.

I haven't tracked down the exact login in play here, but it seems that this behavior is disabled when running locally (perhaps for all IPs) but enabled when running with what appears to be a public URL.

For now I've just disabled the validation since I, for one, found it surprising that this remote service would be involved in scanning your APIs. I believe this repo is what you'd want to run if you were to host this validator internally, but it's Java based and I'm not going to touch that.

Owner

trestletech commented Oct 16, 2017

It turns out this was not due (only) to the schema validation errors, though there were a few. The error was actually coming from the fact that Swagger by default uses a hosted schema validator which has to remotely access the swagger definition file in order to validate it. This means that if your Swagger definition restricted access, then the hosted instance would not be able to access/validate it, resulting in this error.

I haven't tracked down the exact login in play here, but it seems that this behavior is disabled when running locally (perhaps for all IPs) but enabled when running with what appears to be a public URL.

For now I've just disabled the validation since I, for one, found it surprising that this remote service would be involved in scanning your APIs. I believe this repo is what you'd want to run if you were to host this validator internally, but it's Java based and I'm not going to touch that.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment