Merge pull request #3249 from wing328/csharp_security_fix

[C#] better code injection handling for C# API client
2016-06-29 23:59:24 +08:00
parent cb53ea114a 7951c06f55
commit 9ee10e2397
35 changed files with 2766 additions and 11 deletions
--- a/modules/swagger-codegen/src/main/java/io/swagger/codegen/languages/AbstractCSharpCodegen.java
+++ b/modules/swagger-codegen/src/main/java/io/swagger/codegen/languages/AbstractCSharpCodegen.java
@@ -656,4 +656,16 @@ public abstract class AbstractCSharpCodegen extends DefaultCodegen implements Co
    public String testPackageName() {
        return this.packageName + ".Test";
    }
+
+    @Override
+    public String escapeQuotationMark(String input) {
+        // remove " to avoid code injection
+        return input.replace("\"", "");
+    }
+
+    @Override
+    public String escapeUnsafeCharacters(String input) {
+        return input.replace("*/", "");
+    }
+
 }