* Add default configuration `preserveAuthorization`
* Add localStorage to auth plugin
* Add persistAuthorization unit tests
* Refactor persistAuthorization to use wrapped actions
* Upgrade unit tests to be compatible with jest
* Add persistAuthorization documentation
Co-authored-by: Tim Lai <timothy.lai@gmail.com>
* es2015 bundle with dependencies via npm script build:es:bundle
* es2015 bundle without dependencies via npm script build:es:bundle
* jest dependency for test:artifact
* migrate babel.config.json to babel.config.js and maintain env support for commonjs and es2015
* remove polyfill
* fix es syntax: replace module.exports with export
* fix es syntax: remove .jsx extension inside import
* Added tooling for appending OAS3 relative URLs to selected Server
Info
* Terms of service URL
* Contact URL
* License URL
* External Docs URL
Tag
* Tag External Docs URL
Operation
* Operation External Docs
** Operation Tag
Co-authored-by: Tim Lai <timothy.lai@gmail.com>
This address a bug where a `$` character in a request body or header
would not be properly escaped in a string in the generated curl command.
Fixes#5390
* fix(OAS3): servers component should use nextProps
* test(OAS3): cypress tests for selecting multiple servers
* test(OAS3): multiple server test with definition change
fixes#5181
* application/json
* application/xml
* application/x-www-form-urlencoded
* Set requestBodyValue values to be an immutable Map, as "value". Previously stored as a normal String.
* This enables adding "errors" to the Map, for validation use
* note: getOAS3RequiredRequestBodyContentType requires state.spec,
* which is not available to state.oas3
swagger-client in versions =3.10.9 exports it's build artifacts in multiple ways.
One artifact is exposed as ES5 compatible code with ES6 imports.
We use this fact to utilize webpack tree shaking algorithm.
This commit also updates swagger-client to v3.10.0
and decreases bundle size for around 10%.
Import of helpers from swagger-client worked because of the fact
that commonjs exports are basically an objects that can be destructured.
Whenever swagger-client switches to ES6 imports as primary mechanism
of webpack consuptions imports like that will fail. This change makes
sure that import mechanism is both compatible with ES6 and commonjs
import systems.
Along with that rename default import of swagger-client
to more appropriate SwaggerClient.
On server-side execution `dompurify` exports factory function instead of
a purifier instance. Because of this, server-side code that imports
SwaggerUI (e.g. via `swagger-ui-react`) fails, since `DomPurify.addHook`
does not exist.
This affects universal rendering apps which share code
between client-side and server-side.
This commit changes markdown sanitization behaviour in following way:
class, style and data-* attributes are removed by default. These attributes
open possible vulnerability vectors to attackers.
The original behavior of sanitizer (before this commit) can be enabled by *useUnsafeMarkdown* configuration option.
Use this configuration option with caution and only in cases when you know
what you're doing.
* Add empty data param to cURL if no request body was given
Some middleware applications do not allow POST requests without a content-length header. By adding a empty data parameter to the curl command, the content-length header will be set by curl. Besides this it is more obvious to the user that no request body is sent.
* use double quotes like the rest of the curl command
