Merge branch 'master' of github.com:swagger-api/swagger-ui into ft/oas3

.eslintrc

@@ -22,7 +22,7 @@
   "rules": {
     "semi": [2, "never"],
     "strict": 0,
-    "quotes": 2,
+    "quotes": [2, "double", { "allowTemplateLiterals": true }],
     "no-unused-vars": 2,
     "no-multi-spaces": 1,
     "camelcase": 1,

.gitattributes

@@ -0,0 +1 @@
+docker-run.sh text eol=lf

Dockerfile

@@ -1,4 +1,4 @@
-FROM alpine:3.4
+FROM alpine:3.5
 
 MAINTAINER fehguy
 

README.md

@@ -8,6 +8,11 @@
 
 As a brand new version, written from the ground up, there are some known issues and unimplemented features. Check out the [Known Issues](#known-issues) section for more details.
 
+This repo publishes to two different NPM packages:
+
+* [swagger-ui](https://www.npmjs.com/package/swagger-ui) is intended for use as a node module.
+* [swagger-ui-dist](https://www.npmjs.com/package/swagger-ui-dist) comes pre-bundled with all dependencies and can be incorporated directly in a webapp.
+
 For the older version of swagger-ui, refer to the [*2.x branch*](https://github.com/swagger-api/swagger-ui/tree/2.x).
 
 ## Compatibility
@@ -59,6 +64,11 @@ To help with the migration, here are the currently known issues with 3.X. This l
 - l10n (translations) is not implemented.
 - Relative path support for external files is not implemented.
 
+### Direct use of JS and CSS assets
+To include the JS, CSS and image assets directly into a webpage, use the [swagger-ui-dist](https://www.npmjs.com/package/swagger-ui-dist) package.
+The root directory of this package contains the contents of the _dist/_ directory of this repo.
+As a node module, `swagger-ui-dist` also exports the `swagger-ui-bundle` and `swagger-ui-standalone-preset` objects.
+
 ### SwaggerUIBundle
 To use swagger-ui's bundles, you should take a look at the [source of swagger-ui html page](https://github.com/swagger-api/swagger-ui/blob/master/dist/index.html) and customize it. This basically requires you to instantiate a SwaggerUi object as below:
 

dist/oauth2-redirect.html

@@ -8,6 +8,7 @@
     function run () {
         var oauth2 = window.opener.swaggerUIRedirectOauth2;
         var sentState = oauth2.state;
+        var redirectUrl = oauth2.redirectUrl;
         var isValid, qp, arr;
 
         qp = (window.location.hash || location.search).substring(1);
@@ -35,7 +36,7 @@
             if (qp.code) {
                 delete oauth2.state;
                 oauth2.auth.code = qp.code;
-                oauth2.callback(oauth2.auth);
+                oauth2.callback({auth: oauth2.auth, redirectUrl: redirectUrl});
             } else {
                 oauth2.errCb({
                     authId: oauth2.auth.name,
@@ -45,9 +46,8 @@
                 });
             }
         } else {
-            oauth2.callback({auth: oauth2.auth, token: qp, isValid: isValid});
+            oauth2.callback({auth: oauth2.auth, token: qp, isValid: isValid, redirectUrl: redirectUrl});
         }
         window.close();
     }
-
 </script>

dist/swagger-ui-bundle.js.map

@@ -1 +1 @@
-{"version":3,"file":"swagger-ui-bundle.js","sources":["webpack:///swagger-ui-bundle.js"],"mappings":"AAAA;AAu/FA;AA6+FA;;;;;;;;;;;;;;;;;;;;;;;;;;AA2TA;;;;;;AAoIA;AAizFA;AAqjCA;AA0nJA;AA67IA;AA0zGA;AA2xFA;AA6iFA;AAqtFA;AAu+CA;AAs/CA;AA6rCA;AAu2EA;;;;;AAoqCA;AAsyJA;;;;;;;;;;;;;;AA64EA;AA4mIA;AAquJA;AA2qHA;AA2mGA;AAiiEA;AAq4DA;AAg3DA;AAoPA;;;;;;AAk7FA;AA07FA;;;;;AAi8CA;AAgsFA;AAs2CA;AA+kCA;AAg8CA;AAg/EA;AAi/BA;AAs0FA;;;;;;;;;AAumDA;AA2zIA;AAu7FA;AAmrFA;AAumEA;AA4jEA;AAqBA;AA8DA;;;;;;AA4xFA;AA4qFA","sourceRoot":""}
+{"version":3,"file":"swagger-ui-bundle.js","sources":["webpack:///swagger-ui-bundle.js"],"mappings":"AAAA;AAu/FA;AA6+FA;;;;;;;;;;;;;;;;;;;;;;;;;;AA2TA;;;;;;AAoIA;AAizFA;AAqjCA;AA0nJA;AA67IA;AA0zGA;AA2xFA;AA6iFA;AAqtFA;AAu+CA;AAs/CA;AA6rCA;AAu2EA;;;;;AAoqCA;AAsyJA;;;;;;;;;;;;;;AA64EA;AA4mIA;AAquJA;AA2qHA;AA2mGA;AAiiEA;AAq4DA;AAg3DA;AAoPA;;;;;;AAk7FA;AA07FA;;;;;AAi8CA;AAgsFA;AAs2CA;AAglCA;AAg8CA;AAg/EA;AAq8BA;AAq3FA;;;;;;;;;AA6mDA;AA2zIA;AAu7FA;AAmrFA;AA6lEA;AA6kEA;AAqBA;AA8DA;;;;;;AA4xFA;AA4qFA","sourceRoot":""}

dist/swagger-ui.js.map

@@ -1 +1 @@
-{"version":3,"file":"swagger-ui.js","sources":["webpack:///swagger-ui.js"],"mappings":"AAAA;;;;;;AAq2CA;AAoyHA;AAuyHA;AAukGA;AA+9BA;AA2jCA;AA2iCA;AAy5BA","sourceRoot":""}
+{"version":3,"file":"swagger-ui.js","sources":["webpack:///swagger-ui.js"],"mappings":"AAAA;;;;;;AAq2CA;AAoyHA;AAuyHA;AAukGA;AA+9BA;AA4jCA;AA0iCA;AA04BA","sourceRoot":""}

package.json

@@ -32,7 +32,7 @@
     "test": "npm run lint-errors && npm run just-test-in-node",
     "test-in-node": "npm run lint-errors && npm run just-test-in-node",
     "just-test": "karma start --config karma.conf.js",
-    "just-test-in-node": "mocha --recursive --compilers js:babel-core/register test/core test/components"
+    "just-test-in-node": "mocha --recursive --compilers js:babel-core/register test/core test/components test/bugs"
   },
   "dependencies": {
     "babel-polyfill": "^6.23.0",

src/core/components/auth/oauth2.jsx

@@ -27,7 +27,7 @@ export default class Oauth2 extends React.Component {
     let username = auth && auth.get("username") || ""
     let clientId = auth && auth.get("clientId") || authConfigs.clientId || ""
     let clientSecret = auth && auth.get("clientSecret") || authConfigs.clientSecret || ""
-    let passwordType = auth && auth.get("passwordType") || "basic"
+    let passwordType = auth && auth.get("passwordType") || "request-body"
 
     this.state = {
       appName: authConfigs.appName,
@@ -97,12 +97,13 @@ export default class Oauth2 extends React.Component {
     let isAuthorized = !!authorizedAuth
     let errors = errSelectors.allErrors().filter( err => err.get("authId") === name)
     let isValid = !errors.filter( err => err.get("source") === "validation").size
+    let description = schema.get("description")
 
     return (
       <div>
         <h4>OAuth2.0 <JumpToPath path={[ "securityDefinitions", name ]} /></h4>
         { !this.state.appName ? null : <h5>Application: { this.state.appName } </h5> }
-        <Markdown source={ schema.get("description") } />
+        { description && <Markdown source={ schema.get("description") } /> }
 
         { isAuthorized && <h6>Authorized</h6> }
 

src/core/components/models.jsx

@@ -6,13 +6,15 @@ export default class Models extends Component {
     getComponent: PropTypes.func,
     specSelectors: PropTypes.object,
     layoutSelectors: PropTypes.object,
-    layoutActions: PropTypes.object
+    layoutActions: PropTypes.object,
+    getConfigs: PropTypes.func.isRequired
   }
 
   render(){
-    let { specSelectors, getComponent, layoutSelectors, layoutActions } = this.props
+    let { specSelectors, getComponent, layoutSelectors, layoutActions, getConfigs } = this.props
     let definitions = specSelectors.definitions()
-    let showModels = layoutSelectors.isShown("models", true)
+    let { docExpansion } = getConfigs()
+    let showModels = layoutSelectors.isShown("models", docExpansion === "full" || docExpansion === "list" )
 
     const Model = getComponent("model")
     const Collapse = getComponent("Collapse")

src/core/components/providers/markdown.jsx

@@ -2,8 +2,15 @@ import React, { PropTypes } from "react"
 import Remarkable from "react-remarkable"
 import sanitize from "sanitize-html"
 
+const sanitizeOptions = {
+  textFilter: function(text) {
+    return text
+      .replace(/"/g, "\"")
+  }
+}
+
 function Markdown({ source }) {
-  const sanitized = sanitize(source)
+  const sanitized = sanitize(source, sanitizeOptions)
   return <Remarkable
     options={{html: true, typographer: true, linkify: true, linkTarget: "_blank"}}
     source={sanitized}

test/bugs/3199-sanitization-escaping.js

@@ -0,0 +1,23 @@
+/* eslint-env mocha */
+import React from "react"
+import expect from "expect"
+import { render } from "enzyme"
+import Markdown from "components/providers/markdown"
+
+describe("UI-3199: Sanitized Markdown causing code examples to be double escaped", function(){
+  it("should single-escape quotes", function(){
+
+    let str = "" +
+    "This is a test: \n\n" +
+    "    {\"abc\": \"def\"}\n"
+
+    let props = {
+      source: str
+    }
+
+    let el = render(<Markdown {...props}/>)
+
+    expect(el.find("code").first().text()).toEqual("{\"abc\": \"def\"}\n")
+    expect(el.find("code").first().html()).toEqual("{&quot;abc&quot;: &quot;def&quot;}\n")
+  })
+})