Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Parser does not validate GET request with request body #1601

Open
aneeshafedo opened this issue Aug 30, 2021 · 3 comments
Open

Parser does not validate GET request with request body #1601

aneeshafedo opened this issue Aug 30, 2021 · 3 comments

Comments

@aneeshafedo
Copy link

According to OpenAPI specification v3 GET, DELETE and HEAD are no longer allowed to have request body because it does not have defined semantics as per RFC 7231.

When validating a definition file with below path in which GET request has request body, using https://editor.swagger.io/, it gives a semantic error saying GET operations cannot have a requestBody. which is compatible with OpenAPI specification.

However when using the swagger-parser in my java project it does not return any parser error. I have tried the both 2.0.27 and 2.0.24 versions which are listed in the Maven central repository.

Sample OpenAPI definition

paths:
  /pets/{petId}:
    get:
      summary: Info for a specific pet
      operationId: showPetById
      tags:
        - pets
      parameters:
        - name: petId
          in: path
          required: true
          description: The id of the pet to retrieve
          schema:
            type: string
      requestBody:
        content:
          application/json:
            schema:
              properties:
                name:
                  type: string
              type: object
        required: false
      responses:
        '200':
          description: Expected response to a valid request
          content:
            application/json:
              schema:
                $ref: "#/components/schemas/Pet"
@gracekarina
Copy link
Contributor

Hey @aneeshafedo, Thanks for sending us this:
I was checking the OpenAPI Specification 3.0.3 and this is what it says about requestBodies
The request body applicable for this operation. The requestBody is only supported in HTTP methods where the HTTP 1.1 specification RFC7231 has explicitly defined semantics for request bodies. In other cases where the HTTP spec is vague, requestBody SHALL be ignored by consumers.

@aneeshafedo
Copy link
Author

@gracekarina Thanl you for the reply. Then are u suggesting that the syntax error giving at https://editor.swagger.io/ is a bug in the editor? In my opinion errors giving at https://editor.swagger.io/ and the latest swagger parser (2.0.27) should be compatible.

@aneeshafedo aneeshafedo mentioned this issue Sep 27, 2021
Closed
@gracekarina
Copy link
Contributor

gracekarina commented Oct 6, 2021
edited
Loading

Hi! @aneeshafedo, we have to also warn in parser that in certain HTTP methods is not recommended to use a requestBody.

@ymohdriz ymohdriz mentioned this issue Nov 2, 2021
Open
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@gracekarina @aneeshafedo