loafle/openapi-generator
3
0
Fork 0
forked from loafle/openapi-generator-original
Code Pull Requests Activity

better code injection handling for js

Browse Source
This commit is contained in:
wing328
2016-06-28 23:17:28 +08:00
parent acc28495e8
commit aec2f4e27c
1354 changed files with 313854 additions and 109 deletions
Download Patch File Download Diff File Expand all files Collapse all files

20
modules/swagger-codegen/src/main/java/io/swagger/codegen/languages/JavascriptClientCodegen.java
View File

@@ -240,21 +240,21 @@ public class JavascriptClientCodegen extends DefaultCodegen implements CodegenCo
Info info = swagger.getInfo();
if (StringUtils.isBlank(projectName) && info.getTitle() != null) {
// when projectName is not specified, generate it from info.title
projectName = dashize(info.getTitle());
projectName = sanitizeName(dashize(info.getTitle()));
}
if (StringUtils.isBlank(projectVersion)) {
// when projectVersion is not specified, use info.version
projectVersion = info.getVersion();
projectVersion = escapeUnsafeCharacters(escapeQuotationMark(info.getVersion()));
}
if (projectDescription == null) {
// when projectDescription is not specified, use info.description
projectDescription = info.getDescription();
projectDescription = sanitizeName(info.getDescription());
}
if (additionalProperties.get(PROJECT_LICENSE_NAME) == null) {
// when projectLicense is not specified, use info.license
if (info.getLicense() != null) {
License license = info.getLicense();
additionalProperties.put(PROJECT_LICENSE_NAME, license.getName());
additionalProperties.put(PROJECT_LICENSE_NAME, sanitizeName(license.getName()));
}
}
}
@@ -1032,4 +1032,16 @@ public class JavascriptClientCodegen extends DefaultCodegen implements CodegenCo
}
}
@Override
public String escapeQuotationMark(String input) {
// remove ', " to avoid code injection
return input.replace("\"", "").replace("'", "");
}
@Override
public String escapeUnsafeCharacters(String input) {
return input.replace("*/", "");
}
}