Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Disallow ? , space and # in paths #330

Closed
mohsen1 opened this issue Apr 17, 2015 · 6 comments
Closed

Disallow ? , space and # in paths #330

mohsen1 opened this issue Apr 17, 2015 · 6 comments
Labels

Comments

@mohsen1
Copy link
Contributor

mohsen1 commented Apr 17, 2015

Per URL specs ?, and#should not be part of the path.
I'm not sure about=.

@webron webron added the Schema label Apr 17, 2015
@earth2marsh
Copy link
Member

= is use in matrix parameters, which live in the path; however, I'm not sure whether the Swagger spec specifically supports matrix parameters. Generally, matrix parameters act as a filter at the specific level of the hierarchy where they are declared rather than query parameters that act on the entire resource, so I expect they don't impact the operation signature and therefore seem compatible with Swagger.

It looks like #69 rejected the idea of explicit support for matrix params in the spec, but the fact that they exist seem to argue that = is permissible in the path.

@webron
Copy link
Member

webron commented Apr 17, 2015

It's true, @earth2marsh - at least for now we decided not to support matrix params (it was part of the discussion in 2.0). Also, as explained here, I'm not entirely sure we should restrict it at all in the schema.

I'm still glad the issue exists here, as it'll force me to consider it :)

@mohsen1
Copy link
Contributor Author

mohsen1 commented Apr 17, 2015

Because the URL and path are well specified in the standard, it's safe to restrict them. Disallowing ? for example gives users the hint that they need to specify a query param instead of having query string in their paths.

@webron
Copy link
Member

webron commented Apr 17, 2015

Mime types are also well defined (in format). I get what issue you're trying to avoid here, which is more 'sever' than the problems that can occur in mime types, so it can be a good idea in this case.

@RobDolinMS
Copy link
Contributor

@mohsen1 Based on this discussion and the current OpenAPI Spec v3, do you believe there is more work needed to address this issue ?

@handrews
Copy link
Member

The syntax for path templates in the Paths Object is derived from the RFC, which already forbids ? and # in the part of the URL that can appear there. Whether or not any given tool enforces this correctly should be taken up with the specific tool provider.

As noted above, we do not plan to forbid = as it has valid use cases and is allowed by the RFC (even if the OAS is not directly supporting those use cases). So this seems like it can be closed.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
Projects
None yet
Development

No branches or pull requests

5 participants