Skip to content

[Lumen] fixed Output-Formats [*/*] injection in Lumen routes/web.php #343

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Closed
wants to merge 7 commits into from
Closed

[Lumen] fixed Output-Formats [*/*] injection in Lumen routes/web.php #343

wants to merge 7 commits into from

Conversation

Lv-Yi
Copy link

@Lv-Yi Lv-Yi commented Jun 18, 2018
edited
Loading

PR checklist

  • Read the contribution guidelines.
  • Ran the shell script under ./bin/ to update Petstore sample so that CIs can verify the change. (For instance, only need to run ./bin/{LANG}-petstore.sh and ./bin/security/{LANG}-petstore.sh if updating the {LANG} (e.g. php, ruby, python, etc) code generator or {LANG} client's mustache templates). Windows batch files can be found in .\bin\windows\.
  • Filed the PR against the correct branch: master, 3.1.x, 4.0.x. Default: master.
  • Copied the technical committee to review the pull request if your PR is targeting a particular programming language.

Description of the PR

fixed Output-Formats [ * / * ] injection in Lumen routes/web.php as discussed in #212 .
removed MaxPermSize option in php-lumen-petstore-server.sh and security/lumen-petstore-server.sh which was obsolete in java8.
updated petstore server examples.

@Lv-Yi Lv-Yi changed the title 4.0.x [Lumen] fixed Output-Formats [*/*] injection in Lumen routes/web.php Jun 18, 2018
@wing328
Copy link
Member

wing328 commented Jun 18, 2018

Thanks for the PR but your commit (as shown in the Commits tab) is not linked to your Github account, which means this PR won't count as your contribution in https://github.com/OpenAPITools/openapi-generator/graphs/contributors.

Let me know if you need help fixing it.

Ref: https://github.com/OpenAPITools/openapi-generator/wiki/FAQ#how-can-i-update-commits-that-are-not-linked-to-my-github-account

@wing328 wing328 added this to the 4.0.0 milestone Jun 18, 2018
wing328
wing328 reviewed Jun 19, 2018
View reviewed changes
modules/openapi-generator/src/main/java/org/openapitools/codegen/DefaultCodegen.java
// escape quotation to avoid code injection, "*/*" is a special case, do nothing
String encodedKey = "*/*".equals(key)? key : escapeText(escapeQuotationMark(key));
// escape quotation to avoid code injection, "*/*" is a special case, do nothing except adding blank
String encodedKey = "*/*".equals(key)? "* / *" : escapeText(escapeQuotationMark(key));
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

@Lv-Yi thanks for the fix but I'm afraid we need to keep it as previously reported by other users "/" should not be escaped/changed in order for it to function properly in the auto-generated code.

I think we'll need to create additional vendor extensions (e.g. x-consumes-doc) in postProcessOperations to handle "/" specifically in the PHP documentation.

Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

@Lv-Yi suggestion: what about doing it in the postProcessOperations of PHP Lumen generator (java class) instead so that other generators won't be impacted by the fix? Here is an example:

https://github.com/OpenAPITools/openapi-generator/pull/354/files#diff-be240257b80dee7947c87e9322ba4950R332

@ackintosh ackintosh mentioned this pull request Jul 21, 2018
Merged
4 tasks
@wing328
Copy link
Member

wing328 commented Jul 26, 2018

Closed via #615

@Lv-Yi please check out the latest master and give it another try.

@wing328 wing328 closed this Jul 26, 2018
@wing328 wing328 removed this from the 4.0.0 milestone Jul 26, 2018
@snyk-bot snyk-bot mentioned this pull request Sep 21, 2021
Open
nilskuhn pushed a commit to nilskuhn/openapi-generator that referenced this pull request Apr 6, 2023
@kay-schecker
Merge pull request OpenAPITools#343 from OpenAPITools/renovate/dotenv…
6116eee 
…-9.x

chore(deps): update dependency dotenv to v9
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@wing328 wing328 wing328 left review comments

Assignees
No one assigned
Labels
Server: PHP
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@Lv-Yi @wing328 @ackintosh