Unknown Prefix (v3)
- Query id: a5375be3-521c-43bb-9eab-e2432e368ee4
- Query name: Unknown Prefix (v3)
- Platform: OpenAPI
- Severity: Info
- Category: Best Practices
- CWE: 20
- URL: Github
Description
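The media type prefix (the part before the '/' in a content key such as 'application/json') should be one of 'application', 'audio', 'font', 'example', 'image', 'message', 'model', 'multipart', 'text' or 'video'. Any other prefix is most likely a typo, and tooling that selects parsing or validation behaviour by media type may then not handle the body as the author intended.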
Documentation
Code samples
Code samples with security vulnerabilities
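Positive test num. 1 - json file (flagged key: "applicasdsadtion/json" under components.responses.ResponseExample.content; the "application/json" key under paths has a valid prefix)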
{
"openapi": "3.0.0",
"info": {
"title": "Simple API Overview",
"version": "1.0.0",
"contact": {
"name": "contact",
"url": "https://www.google.com/",
"email": "user@gmail.c"
}
},
"paths": {
"/": {
"get": {
"operationId": "listVersionsv2",
"summary": "List API versions",
"responses": {
"200": {
"description": "200 response",
"content": {
"application/json": {
"examples": {
"foo": {
"value": {
"versions": [
{
"status": "CURRENT",
"updated": "2011-01-21T11:33:21Z",
"id": "v2.0",
"links": [
{
"href": "http://127.0.0.1:8774/v2/",
"rel": "self"
}
]
}
]
}
}
}
}
}
}
}
}
}
},
"components": {
"responses": {
"ResponseExample": {
"description": "200 response",
"content": {
"applicasdsadtion/json": {
"schema": {
"discriminator": {
"propertyName": "petType"
},
"properties": {
"code": {
"type": "string",
"format": "binary"
},
"message": {
"type": "string"
}
},
"type": "object"
},
"encoding": {
"profileImage": {
"contentType": "image/png, image/jpeg"
}
}
}
}
}
}
}
}
Positive test num. 2 - json file (flagged key: "ddddd/json" under the content of the "200" response)
{
"openapi": "3.0.0",
"info": {
"title": "Simple API Overview",
"version": "1.0.0",
"contact": {
"name": "contact",
"url": "https://www.google.com/",
"email": "user@gmail.c"
}
},
"paths": {
"/": {
"get": {
"responses": {
"200": {
"description": "200 response",
"content": {
"ddddd/json": {
"schema": {
"type": "object",
"discriminator": {
"propertyName": "petType"
},
"properties": {
"code": {
"type": "string",
"format": "binary"
},
"message": {
"type": "string"
}
}
},
"encoding": {
"profileImage": {
"contentType": "image/png, image/jpeg"
}
}
}
}
}
},
"operationId": "listVersionsv2",
"summary": "List API versions"
}
}
}
}
Positive test num. 3 - yaml file
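# Positive sample for the "Unknown Prefix (v3)" query: one content key below
# uses a media type prefix outside the allowed list and is expected to be reported.
openapi: 3.0.0
info:
  title: Simple API Overview
  version: 1.0.0
paths:
  "/":
    get:
      operationId: listVersionsv2
      summary: List API versions
      responses:
        "200":
          description: 200 response
          content:
            # Valid prefix ('application'): this key is not reported.
            application/json:
              examples:
                foo:
                  value:
                    versions:
                      - status: CURRENT
                        updated: "2011-01-21T11:33:21Z"
                        id: v2.0
                        links:
                          - href: http://127.0.0.1:8774/v2/
                            rel: self
components:
  responses:
    ResponseExample:
      description: 200 response
      content:
        # Flagged: 'sssssss' is not one of the allowed media type prefixes.
        sssssss/json:
          schema:
            type: object
            discriminator:
              propertyName: petType
            properties:
              code:
                type: string
                format: binary
              message:
                type: string
          encoding:
            # NOTE(review): 'profileImage' is not among the schema properties
            # above; that mismatch is separate from the prefix finding.
            profileImage:
              contentType: image/png, image/jpeg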
Positive test num. 4 - yaml file
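# Positive sample for the "Unknown Prefix (v3)" query: the only content key
# uses a media type prefix outside the allowed list and is expected to be reported.
openapi: 3.0.0
info:
  title: Simple API Overview
  version: 1.0.0
paths:
  "/":
    get:
      operationId: listVersionsv2
      summary: List API versions
      responses:
        "200":
          description: 200 response
          content:
            # Flagged: 'applicatisdsdsdon' is not one of the allowed media type prefixes.
            applicatisdsdsdon/json:
              schema:
                type: object
                discriminator:
                  propertyName: petType
                properties:
                  code:
                    type: string
                    format: binary
                  message:
                    type: string
              encoding:
                # NOTE(review): 'profileImage' is not among the schema properties
                # above; that mismatch is separate from the prefix finding.
                profileImage:
                  contentType: image/png, image/jpeg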
Code samples without security vulnerabilities
Negative test num. 1 - json file
{
"openapi": "3.0.0",
"info": {
"title": "Simple API Overview",
"version": "1.0.0",
"contact": {
"name": "contact",
"url": "https://www.google.com/",
"email": "user@gmail.c"
}
},
"paths": {
"/": {
"get": {
"operationId": "listVersionsv2",
"summary": "List API versions",
"responses": {
"200": {
"description": "200 response",
"content": {
"application/json": {
"examples": {
"foo": {
"value": {
"versions": [
{
"status": "CURRENT",
"updated": "2011-01-21T11:33:21Z",
"id": "v2.0",
"links": [
{
"href": "http://127.0.0.1:8774/v2/",
"rel": "self"
}
]
}
]
}
}
}
}
}
}
}
}
}
},
"components": {
"responses": {
"ResponseExample": {
"description": "200 response",
"content": {
"application/json": {
"schema": {
"discriminator": {
"propertyName": "petType"
},
"properties": {
"code": {
"type": "string",
"format": "binary"
},
"message": {
"type": "string"
}
},
"type": "object"
},
"encoding": {
"code": {
"contentType": "image/png, image/jpeg"
}
}
}
}
}
}
}
}
Negative test num. 2 - json file
{
"openapi": "3.0.0",
"info": {
"title": "Simple API Overview",
"version": "1.0.0",
"contact": {
"name": "contact",
"url": "https://www.google.com/",
"email": "user@gmail.c"
}
},
"paths": {
"/": {
"get": {
"responses": {
"200": {
"description": "200 response",
"content": {
"application/json": {
"schema": {
"type": "object",
"discriminator": {
"propertyName": "petType"
},
"properties": {
"code": {
"type": "string",
"format": "binary"
},
"message": {
"type": "string"
}
}
},
"encoding": {
"code": {
"contentType": "image/png, image/jpeg"
}
}
}
}
}
},
"operationId": "listVersionsv2",
"summary": "List API versions"
}
}
}
}
Negative test num. 3 - yaml file
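# Negative sample for the "Unknown Prefix (v3)" query: every content key uses
# the 'application' prefix, so nothing is expected to be reported.
openapi: 3.0.0
info:
  title: Simple API Overview
  version: 1.0.0
paths:
  "/":
    get:
      operationId: listVersionsv2
      summary: List API versions
      responses:
        "200":
          description: 200 response
          content:
            application/json:
              examples:
                foo:
                  value:
                    versions:
                      - status: CURRENT
                        updated: "2011-01-21T11:33:21Z"
                        id: v2.0
                        links:
                          - href: http://127.0.0.1:8774/v2/
                            rel: self
components:
  responses:
    ResponseExample:
      description: 200 response
      content:
        # Valid prefix ('application'): not reported.
        application/json:
          schema:
            type: object
            discriminator:
              propertyName: petType
            properties:
              code:
                type: string
                format: binary
              message:
                type: string
          encoding:
            # The encoding key matches the 'code' property declared in the schema.
            code:
              contentType: image/png, image/jpeg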
Negative test num. 4 - yaml file
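# Negative sample for the "Unknown Prefix (v3)" query: the only content key
# uses the 'application' prefix, so nothing is expected to be reported.
openapi: 3.0.0
info:
  title: Simple API Overview
  version: 1.0.0
paths:
  "/":
    get:
      operationId: listVersionsv2
      summary: List API versions
      responses:
        "200":
          description: 200 response
          content:
            # Valid prefix ('application'): not reported.
            application/json:
              schema:
                type: object
                discriminator:
                  propertyName: petType
                properties:
                  code:
                    type: string
                    format: binary
                  message:
                    type: string
              encoding:
                # The encoding key matches the 'code' property declared in the schema.
                code:
                  contentType: image/png, image/jpeg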