Unknown Prefix (v2)
- Query id: 3b615f00-c443-4ba9-acc4-7c308716917d
- Query name: Unknown Prefix (v2)
- Platform: OpenAPI
- Severity: Info
- Category: Best Practices
- CWE: 710
- URL: Github
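Description
The prefix of each media type (the part before the '/') should be one of 'application', 'audio', 'font', 'example', 'image', 'message', 'model', 'multipart', 'text' or 'video'. For example, 'aplication/json' in the samples below is reported because 'aplication' is not in that list. The description covers only the prefix; it does not say that the subtype after the '/' is checked.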
Documentation
Code samples
Code samples with security vulnerabilities
Positive test num. 1 - json file
{
"swagger": "2.0",
"info": {
"title": "Simple API Overview",
"version": "1.0.0"
},
"paths": {
"/": {
"get": {
"operationId": "listVersionsv2",
"summary": "List API versions",
"produces": [
"aplication/json"
],
"responses": {
"200": {
"schema": {
"$ref": "#/definitions/User"
}
}
},
"parameters": [
{
"$ref": "#/parameters/limitParam"
}
]
}
}
},
"parameters": {
"limitParam": {
"name": "limit",
"in": "query",
"description": "max records to return",
"required": true,
"schema": {
"type": "integer"
}
}
},
"definitions": {
"User": {
"type": "object",
"required": [
"id",
"name"
],
"properties": {
"id": {
"type": "integer",
"format": "int64"
},
"name": {
"type": "string"
}
}
}
}
}
Positive test num. 2 - json file
{
"swagger": "2.0",
"info": {
"title": "Simple API Overview",
"version": "1.0.0"
},
"paths": {
"/": {
"get": {
"operationId": "listVersionsv2",
"summary": "List API versions",
"responses": {
"200": {
"schema": {
"$ref": "#/definitions/User"
}
}
},
"parameters": [
{
"$ref": "#/parameters/limitParam"
}
]
}
}
},
"parameters": {
"limitParam": {
"name": "limit",
"in": "query",
"description": "max records to return",
"required": true,
"schema": {
"type": "integer"
}
}
},
"produces": [
"aplication/json"
],
"definitions": {
"User": {
"type": "object",
"required": [
"id",
"name"
],
"properties": {
"id": {
"type": "integer",
"format": "int64"
},
"name": {
"type": "string"
}
}
}
}
}
Positive test num. 3 - yaml file
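# Swagger 2.0 fixture for the "Unknown Prefix (v2)" query.
# Variant: the media type is declared in the operation-level `produces` list.
swagger: '2.0'
info:
  title: Simple API Overview
  version: 1.0.0
paths:
  "/":
    get:
      operationId: listVersionsv2
      summary: List API versions
      produces:
        # Intentionally misspelled: 'aplication' is not one of the accepted
        # media type prefixes, so this entry is what the query reports.
        - aplication/json
      responses:
        '200':
          schema:
            "$ref": "#/definitions/User"
      parameters:
        - "$ref": "#/parameters/limitParam"
parameters:
  limitParam:
    name: limit
    in: query
    description: max records to return
    required: true
    # NOTE(review): Swagger 2.0 defines `schema` only for `in: body` parameters;
    # a query parameter normally carries `type` directly. Left as published,
    # since this fixture only exercises the media type check.
    schema:
      type: integer
definitions:
  User:
    type: object
    required:
      - id
      - name
    properties:
      id:
        type: integer
        format: int64
      name:
        type: string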
Positive test num. 4 - yaml file
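# Swagger 2.0 fixture for the "Unknown Prefix (v2)" query.
# Variant: the media type is declared in the document-level `produces` list,
# which applies to every operation that does not declare its own.
swagger: '2.0'
info:
  title: Simple API Overview
  version: 1.0.0
paths:
  "/":
    get:
      operationId: listVersionsv2
      summary: List API versions
      responses:
        '200':
          schema:
            "$ref": "#/definitions/User"
      parameters:
        - "$ref": "#/parameters/limitParam"
parameters:
  limitParam:
    name: limit
    in: query
    description: max records to return
    required: true
    # NOTE(review): Swagger 2.0 defines `schema` only for `in: body` parameters;
    # a query parameter normally carries `type` directly. Left as published,
    # since this fixture only exercises the media type check.
    schema:
      type: integer
produces:
  # Intentionally misspelled: 'aplication' is not one of the accepted
  # media type prefixes, so this entry is what the query reports.
  - aplication/json
definitions:
  User:
    type: object
    required:
      - id
      - name
    properties:
      id:
        type: integer
        format: int64
      name:
        type: string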
Code samples without security vulnerabilities
Negative test num. 1 - json file
{
"swagger": "2.0",
"info": {
"title": "Simple API Overview",
"version": "1.0.0"
},
"paths": {
"/": {
"get": {
"operationId": "listVersionsv2",
"summary": "List API versions",
"produces": [
"application/json"
],
"responses": {
"200": {
"schema": {
"$ref": "#/definitions/User"
}
}
},
"parameters": [
{
"$ref": "#/parameters/limitParam"
}
]
}
}
},
"parameters": {
"limitParam": {
"name": "limit",
"in": "query",
"description": "max records to return",
"required": true,
"schema": {
"type": "integer"
}
}
},
"definitions": {
"User": {
"type": "object",
"required": [
"id",
"name"
],
"properties": {
"id": {
"type": "integer",
"format": "int64"
},
"name": {
"type": "string"
}
}
}
}
}
Negative test num. 2 - json file
{
"swagger": "2.0",
"info": {
"title": "Simple API Overview",
"version": "1.0.0"
},
"paths": {
"/": {
"get": {
"operationId": "listVersionsv2",
"summary": "List API versions",
"responses": {
"200": {
"schema": {
"$ref": "#/definitions/User"
}
}
},
"parameters": [
{
"$ref": "#/parameters/limitParam"
}
]
}
}
},
"parameters": {
"limitParam": {
"name": "limit",
"in": "query",
"description": "max records to return",
"required": true,
"schema": {
"type": "integer"
}
}
},
"produces": [
"application/json"
],
"definitions": {
"User": {
"type": "object",
"required": [
"id",
"name"
],
"properties": {
"id": {
"type": "integer",
"format": "int64"
},
"name": {
"type": "string"
}
}
}
}
}
Negative test num. 3 - yaml file
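# Swagger 2.0 fixture for the "Unknown Prefix (v2)" query (passing case).
# Variant: the media type is declared in the operation-level `produces` list.
swagger: '2.0'
info:
  title: Simple API Overview
  version: 1.0.0
paths:
  "/":
    get:
      operationId: listVersionsv2
      summary: List API versions
      produces:
        # 'application' is one of the accepted media type prefixes,
        # so the query does not report this entry.
        - application/json
      responses:
        '200':
          schema:
            "$ref": "#/definitions/User"
      parameters:
        - "$ref": "#/parameters/limitParam"
parameters:
  limitParam:
    name: limit
    in: query
    description: max records to return
    required: true
    # NOTE(review): Swagger 2.0 defines `schema` only for `in: body` parameters;
    # a query parameter normally carries `type` directly. Left as published,
    # since this fixture only exercises the media type check.
    schema:
      type: integer
definitions:
  User:
    type: object
    required:
      - id
      - name
    properties:
      id:
        type: integer
        format: int64
      name:
        type: string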
Negative test num. 4 - yaml file
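# Swagger 2.0 fixture for the "Unknown Prefix (v2)" query (passing case).
# Variant: the media type is declared in the document-level `produces` list,
# which applies to every operation that does not declare its own.
swagger: '2.0'
info:
  title: Simple API Overview
  version: 1.0.0
paths:
  "/":
    get:
      operationId: listVersionsv2
      summary: List API versions
      responses:
        '200':
          schema:
            "$ref": "#/definitions/User"
      parameters:
        - "$ref": "#/parameters/limitParam"
parameters:
  limitParam:
    name: limit
    in: query
    description: max records to return
    required: true
    # NOTE(review): Swagger 2.0 defines `schema` only for `in: body` parameters;
    # a query parameter normally carries `type` directly. Left as published,
    # since this fixture only exercises the media type check.
    schema:
      type: integer
produces:
  # 'application' is one of the accepted media type prefixes,
  # so the query does not report this entry.
  - application/json
definitions:
  User:
    type: object
    required:
      - id
      - name
    properties:
      id:
        type: integer
        format: int64
      name:
        type: string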