Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

OpenAPIService serverBaseUrl is not thread safe #2931

Closed
jmkelm08 opened this issue Mar 6, 2025 · 0 comments
Closed

OpenAPIService serverBaseUrl is not thread safe #2931

jmkelm08 opened this issue Mar 6, 2025 · 0 comments

Comments

@jmkelm08
Copy link

jmkelm08 commented Mar 6, 2025

Describe the bug

I am trying to accomplish something similar to #2171. The recommended solution is to use a ServerBaseUrlCustomizer to customize the URL based on the request. In OpenAPIService.setServerBaseUrl, the customized base URL is stored in a member variable of the service with no locking or other protections which is not thread safe.

To Reproduce

  1. Create a very basic Spring boot application
  2. Run in debug
  3. Set breakpoint 1 on the last line of OpenAPIService.setServerBaseUrl: this.serverBaseUrl = customServerBaseUrl
  4. Set breakpoint 2 on the first line inside the if statement in OpenAPIService.updateServers
  5. Open http://localhost:8080/swagger-ui/index.html
  6. Advance to the 2nd breakpoint (in updateServers)
  7. Open http://127.0.0.1:8080/swagger-ui/index.html
  8. Step over the 1st breakpoin (last line in setServerBaseUrl)
  9. Unpause the first request and see that the returned server list contains http://127.0.0.1:8080 instead of http://localhost:8080

Expected behavior

The server base URL is not modified by unrelated requests
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
1 participant
@jmkelm08