Default Invalid (v3)
- Query id: a96bbc06-8cde-4295-ad3c-ee343a7f658e
- Query name: Default Invalid (v3)
- Platform: OpenAPI
- Severity: Info
- Category: Structure and Semantics
- CWE: 20
- URL: Github
Description¶
The field 'default' of Schema Object should be consistent with the schema's type
Documentation
Code samples¶
Code samples with security vulnerabilities¶
Positive test num. 1 - json file
{
"openapi": "3.0.0",
"info": {
"title": "Simple API Overview",
"version": "1.0.0"
},
"paths": {
"/": {
"get": {
"operationId": "listVersionsv2",
"summary": "List API versions",
"responses": {
"200": {
"description": "200 response",
"content": {
"application/json": {
"schema": {
"type": "integer",
"format": "int32",
"description": "the size of the pack the dog is from",
"default": "a",
"minimum": 0
}
}
}
}
}
}
}
}
}
Positive test num. 2 - yaml file
swagger: "2.0"
info:
title: Simple API Overview
version: 1.0.0
paths:
"/":
get:
operationId: listVersionsv2
summary: List API versions
responses:
"200":
description: 200 response
schema:
type: array
items:
type: string
default: { "a": "b" }
Positive test num. 3 - json file
{
"openapi": "3.0.0",
"info": {
"title": "Simple API Overview",
"version": "1.0.0"
},
"paths": {
"/": {
"get": {
"operationId": "listVersionsv2",
"summary": "List API versions",
"responses": {
"200": {
"description": "200 response",
"content": {
"application/json": {
"schema": {
"type": "number",
"minimum": 0,
"exclusiveMinimum": true,
"maximum": 50,
"default": "a"
}
}
}
}
}
}
}
}
}
Positive test num. 4 - json file
{
"openapi": "3.0.0",
"info": {
"title": "Simple API Overview",
"version": "1.0.0"
},
"paths": {
"/": {
"get": {
"operationId": "listVersionsv2",
"summary": "List API versions",
"responses": {
"200": {
"description": "200 response",
"content": {
"application/json": {
"schema": {
"default": [
{
"message": "hello",
"code": 200
}
],
"type": "object",
"required": [
"message",
"code"
],
"properties": {
"message": {
"type": "string"
},
"code": {
"type": "integer",
"minimum": 100,
"maximum": 600
}
}
}
}
}
}
}
}
}
}
}
Positive test num. 5 - json file
{
"openapi": "3.0.0",
"info": {
"title": "Simple API Overview",
"version": "1.0.0"
},
"paths": {
"/": {
"get": {
"operationId": "listVersionsv2",
"summary": "List API versions",
"responses": {
"200": {
"description": "200 response",
"content": {
"application/json": {
"schema": {
"default": {
"a": "b"
},
"type": "array",
"items": {
"type": "string"
}
}
}
}
}
}
}
}
}
}
Positive test num. 6 - yaml file
openapi: 3.0.0
info:
title: Simple API Overview
version: 1.0.0
paths:
"/":
get:
operationId: listVersionsv2
summary: List API versions
responses:
"200":
description: 200 response
content:
application/json:
schema:
type: integer
format: int32
description: the size of the pack the dog is from
default: "a"
minimum: 0
Positive test num. 7 - yaml file
Positive test num. 8 - yaml file
openapi: 3.0.0
info:
title: Simple API Overview
version: 1.0.0
paths:
"/":
get:
operationId: listVersionsv2
summary: List API versions
responses:
"200":
description: 200 response
content:
application/json:
schema:
type: object
required:
- message
- code
properties:
message:
type: string
code:
type: integer
minimum: 100
maximum: 600
default:
- { "message": "hello", "code": 200 }
Positive test num. 9 - yaml file
Positive test num. 10 - json file
{
"swagger": "2.0",
"info": {
"title": "Simple API Overview",
"version": "1.0.0"
},
"paths": {
"/": {
"get": {
"operationId": "listVersionsv2",
"summary": "List API versions",
"responses": {
"200": {
"description": "200 response",
"schema": {
"default": {
"a": "b"
},
"type": "array",
"items": {
"type": "string"
}
}
}
}
}
}
}
}
Code samples without security vulnerabilities¶
Negative test num. 1 - json file
{
"openapi": "3.0.0",
"info": {
"title": "Simple API Overview",
"version": "1.0.0"
},
"paths": {
"/": {
"get": {
"operationId": "listVersionsv2",
"summary": "List API versions",
"responses": {
"200": {
"description": "200 response",
"content": {
"application/json": {
"schema": {
"type": "integer",
"format": "int32",
"description": "the size of the pack the dog is from",
"default": 1,
"minimum": 0
}
}
}
}
}
}
}
}
}
Negative test num. 2 - yaml file
swagger: "2.0"
info:
title: Simple API Overview
version: 1.0.0
paths:
"/":
get:
operationId: listVersionsv2
summary: List API versions
responses:
"200":
description: 200 response
schema:
type: array
items:
type: string
default:
- a
Negative test num. 3 - json file
{
"openapi": "3.0.0",
"info": {
"title": "Simple API Overview",
"version": "1.0.0"
},
"paths": {
"/": {
"get": {
"operationId": "listVersionsv2",
"summary": "List API versions",
"responses": {
"200": {
"description": "200 response",
"content": {
"application/json": {
"schema": {
"type": "number",
"minimum": 0,
"exclusiveMinimum": true,
"maximum": 50,
"default": 5
}
}
}
}
}
}
}
}
}
Negative test num. 4 - json file
{
"openapi": "3.0.0",
"info": {
"title": "Simple API Overview",
"version": "1.0.0"
},
"paths": {
"/": {
"get": {
"operationId": "listVersionsv2",
"summary": "List API versions",
"responses": {
"200": {
"description": "200 response",
"content": {
"application/json": {
"schema": {
"type": "object",
"required": [
"message",
"code"
],
"properties": {
"message": {
"type": "string"
},
"code": {
"type": "integer",
"minimum": 100,
"maximum": 600
}
},
"default": {
"message": "hello",
"code": 200
}
}
}
}
}
}
}
}
}
}
Negative test num. 5 - json file
{
"openapi": "3.0.0",
"info": {
"title": "Simple API Overview",
"version": "1.0.0"
},
"paths": {
"/": {
"get": {
"operationId": "listVersionsv2",
"summary": "List API versions",
"responses": {
"200": {
"description": "200 response",
"content": {
"application/json": {
"schema": {
"type": "array",
"items": {
"type": "string"
},
"default": [
"a"
]
}
}
}
}
}
}
}
}
}
Negative test num. 6 - yaml file
openapi: 3.0.0
info:
title: Simple API Overview
version: 1.0.0
paths:
"/":
get:
operationId: listVersionsv2
summary: List API versions
responses:
"200":
description: 200 response
content:
application/json:
schema:
type: integer
format: int32
description: the size of the pack the dog is from
default: 1
minimum: 0
Negative test num. 7 - yaml file
Negative test num. 8 - yaml file
openapi: 3.0.0
info:
title: Simple API Overview
version: 1.0.0
paths:
"/":
get:
operationId: listVersionsv2
summary: List API versions
responses:
"200":
description: 200 response
content:
application/json:
schema:
type: object
required:
- message
- code
properties:
message:
type: string
code:
type: integer
minimum: 100
maximum: 600
default: { "message": "hello", "code": 200 }
Negative test num. 9 - yaml file
Negative test num. 10 - json file
{
"swagger": "2.0",
"info": {
"title": "Simple API Overview",
"version": "1.0.0"
},
"paths": {
"/": {
"get": {
"operationId": "listVersionsv2",
"summary": "List API versions",
"responses": {
"200": {
"description": "200 response",
"schema": {
"type": "array",
"items": {
"type": "string"
},
"default": [
"a"
]
}
}
}
}
}
}
}