Tag: jsonpath
Add OpenAI flags to OpenAPI descriptions
With OpenAI’s new Actions feature allowing you to get a GPT that uses your own API, many new doors are open. However, giving an AI an access token, the keys to your API, and telling it to have fun may lead you to realise that one of the doors available…
Meet Redocly CLI: The Modern OpenAPI Sidekick
Redocly CLI is a brilliant new tool from the folks who made ReDoc, the first beautiful API reference documentation tool powered by OpenAPI. This CLI tool goes a lot further than documentation, and helps with “linting” (automated API Style Guides), and solves the biggest problem that I had previously been…
vacuum OpenAPI Linter: owasp-define-error-responses-429
OWASP API Security recommends defining schemas for all responses. This includes the 429 response error code. JSONPath used: $.paths..responses Bad example: openapi: "3.1.0" info: version: "1.0" paths: /: get: responses: 200: description: ok content: "application/problem+json": Good example: openapi: "3.1.0" info: version: "1.0" paths: /: get: responses: 429: description: ok content:…
vacuum OpenAPI Linter: owasp-no-additionalProperties
By default, JSON Schema allows additional properties, which can potentially lead to mass assignment issues with OpenAPI. Avoid using additionalProperties in schemas, or explicitly set it to false. JSONPath used: $..[?(@.type=="object" && @.additionalProperties)] Bad example: openapi: "3.0.0" info: version: "1.0" components: schemas: Foo: type: object additionalProperties: type: object properties: code: type:…
vacuum OpenAPI Linter: owasp-no-api-keys-in-url
Keep API Keys out of paths and query parameters! API Keys are (usually opaque) strings that are passed in headers, cookies or query parameters to access APIs. Those keys can be eavesdropped, especially when they are stored in cookies or passed as URL parameters. JSONPath used: $..securitySchemes[*][?(@.type=="apiKey")].in Bad example: openapi:…
kubernetes – how to run the external-IP in a K8s namespace (installing JupyterHub)
I am following the instructions here: z2jh.jupyter.org/en/stable/jupyterhub/installation.html to install locally with kubernetes and minikube a jupyter hub. It's almost done, as can be seen in the pic. The namespace is called k8s-namespace-jose. I had to run the command: kubectl --namespace get service proxy-public --output jsonpath="{.status.loadBalancer.ingress[].ip}" In order to get the…