* fix(OAS3): servers component should use nextProps
* test(OAS3): cypress tests for selecting multiple servers
* test(OAS3): multiple server test with definition change
fixes#5181
* application/json
* application/xml
* application/x-www-form-urlencoded
* Set requestBodyValue values to be an immutable Map, as "value". Previously stored as a normal String.
* This enables adding "errors" to the Map, for validation use
* note: getOAS3RequiredRequestBodyContentType requires state.spec,
* which is not available to state.oas3
swagger-client in versions =3.10.9 exports it's build artifacts in multiple ways.
One artifact is exposed as ES5 compatible code with ES6 imports.
We use this fact to utilize webpack tree shaking algorithm.
This commit also updates swagger-client to v3.10.0
and decreases bundle size for around 10%.
Import of helpers from swagger-client worked because of the fact
that commonjs exports are basically an objects that can be destructured.
Whenever swagger-client switches to ES6 imports as primary mechanism
of webpack consuptions imports like that will fail. This change makes
sure that import mechanism is both compatible with ES6 and commonjs
import systems.
Along with that rename default import of swagger-client
to more appropriate SwaggerClient.
On server-side execution `dompurify` exports factory function instead of
a purifier instance. Because of this, server-side code that imports
SwaggerUI (e.g. via `swagger-ui-react`) fails, since `DomPurify.addHook`
does not exist.
This affects universal rendering apps which share code
between client-side and server-side.
This commit changes markdown sanitization behaviour in following way:
class, style and data-* attributes are removed by default. These attributes
open possible vulnerability vectors to attackers.
The original behavior of sanitizer (before this commit) can be enabled by *useUnsafeMarkdown* configuration option.
Use this configuration option with caution and only in cases when you know
what you're doing.
* Add empty data param to cURL if no request body was given
Some middleware applications do not allow POST requests without a content-length header. By adding a empty data parameter to the curl command, the content-length header will be set by curl. Besides this it is more obvious to the user that no request body is sent.
* use double quotes like the rest of the curl command
bug: JsonSchema components should validate schema properties exists
- schema
- type
- format
- enum
bug: fix a debounce error in JsonSchema_string if value is null
ft: new simplified JsonSchemaArrayItemText component
test: use immutableJS for `json-schema-form` test
test: add dev scripts to run `cypress open`
test: new cypress `schema-form` tests
This is a force-pushed squash of two PR merges (#5919, #5940) that were
formerly present on master as individual commits.
Co-Authored-By: kyle shockey <kyleshockey@gmail.com>
* Fix basic-auth.jsx: do not require password in UI
password is not PropTypes.string.isRequired, but the markup wrongly makes it mandatory
* Do not require password input in http-auth.jsx
This is used by the Authorize modal. Not sure when the similar code from basic-auth.jsx is used.
Co-authored-by: kyle shockey <kyle.shockey1@gmail.com>
* Added optional isShownKey prop to Componenent to allow overriding
* Removed unneccasry before is isShwonKey
* Added PropTypes to isShownKey
* Added isShownKey to <OperationWrapper/> and removed it from <Operation />
* Removed isShwonKey prop it from <Operation />
* revert package-lock.json
Co-authored-by: kyle shockey <kyleshockey@gmail.com>
