kyy/swagger-ui
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

fix: sanitize URLs used for OAuth auth flow (via #5190)

Browse Source 
* fix: sanitize URLs used for OAuth auth flow

* embetter test case

* fix linter issue
This commit is contained in:
kyle
2019-02-23 14:14:30 -08:00
committed by GitHub
parent d9f460f4a8
commit 1e184e8e21
3 changed files with 32 additions and 3 deletions
Download Patch File Download Diff File Expand all files Collapse all files

5
test/e2e-cypress/static/documents/xss/oauth2.yaml Normal file
View File

@@ -0,0 +1,5 @@
swagger: '2.0'
securityDefinitions:
a:
type: oauth2
authorizationUrl: javascript:alert(document.domain)//