Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Introduce constraints for Server Object url fixed field #4272

Open
wants to merge 3 commits into
base: v3.1-dev
Choose a base branch
from

Conversation

char0n
Copy link
Contributor

@char0n char0n commented Dec 19, 2024

I went ahead with this suggestion, as it is something that is not obvious from reading the OpenAPI spec, but it becomes obvious for the tooling authors during implementations.

Server Object.url field is defined as A URL to the target host.

OpenAPI further stipulates:

Unless specified otherwise, all fields that are URLs MAY be relative references as defined by RFC3986

Looking at RFC 3986, the Server Object.url can be one of the following:

URI           = scheme ":" hier-part [ "?" query ] [ "#" fragment ]
relative-ref  = relative-part [ "?" query ] [ "#" fragment ]

Both of these non-terminals allow query and fragment. But effectively, we cannot allow them as OpenAPI further stipulates:

The path is appended to the URL from the Server Object in order to construct the full URL

Appending to URL or resolved relative reference containing query or fragment will end up corrupting the resulting URL.


There is another aspect of Server Object.url, and that's being Scheme-Based Normalization. When we define server URL as https://exmaple.com/, the tooling tends to remove the last character from the URL, if the character=/ before the path from Paths Object is appended to it. This is possible because of equivalence as described by Scheme-Based Normalization.

// server URL
http://example.com/

// paths
/path1
/path2

// we want to end up here
http://example.com/path1
http://example.com/path2

// we might end up here
http://example.com//path1
http://example.com//path2

AFAICT we cannot apply Scheme-Based Normalization to URL like http://example.com/initial-path. http://example.com/initial-path is not equivalent anymore to http://example.com/initial-path/.

I guess my question is, if we shouldn't restrict Server Object.url not to end with explicit /?

@char0n char0n requested review from a team as code owners December 19, 2024 20:58
src/oas.md Outdated Show resolved Hide resolved
Co-authored-by: Ralf Handl <[email protected]>
@char0n
Copy link
Contributor Author

char0n commented Dec 20, 2024

@ralfhandl thanks, what about the Scheme-Based Normalization issue? Do you think it is warranted to verbalize this into a url field description? Something like

This URL SHOULD NOT end with / character.

src/oas.md Outdated Show resolved Hide resolved
Copy link
Contributor

@miqui miqui left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Perhaps we should wait until the next tdc to merge?

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

4 participants