Ensure JSON object schemas have 'properties' defined and 'additionalProperties' set to false
Ensure that the properties of a JSON object are defined in OpenAPI and no other properties are allowed. Otherwise, the API may accept invalid or unexpected data and cause errors.
Risk Level: medium
Platform: OpenAPI
Spectral Rule ID: OPENAPI007
REMEDIATION
Define the 'properties' field for the object schema and set 'additionalProperties' to false.
swagger: '2.0'
# OR
openapi: '3.0.0'
info:
  version: 1.0.0
  title: Sample API
paths:
  /users/{id}:
    get:
      parameters:
        - name: id
          in: path
          required: true
          type: string
      responses:
        '200':
          description: A user object.
          content:
            application/json:
              schema:
                type: object
+               properties:
+                 name:
+                   type: string
+                 age:
+                   type: integer
+                 email:
+                   type: string
+                   format: email
+               additionalProperties: false
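The condition this rule describes can be checked over a parsed OpenAPI document. The following is an added example, not Spectral's implementation of OPENAPI007 or code from this page; the function name, the finding shape and the sample document are assumptions constructed for illustration, and it also covers nested and component schemas, which goes beyond the single response schema shown above.

```javascript
// Added example, not Spectral's code. Reports every schema with `type: object`
// that lacks `properties` or does not set `additionalProperties: false`.
const escapePointer = (key) => String(key).replace(/~/g, '~0').replace(/\//g, '~1');

function findOpenObjectSchemas(node, path = '#', findings = []) {
  if (node === null || typeof node !== 'object') return findings;
  if (!Array.isArray(node) && node.type === 'object') {
    const missing = [];
    const props = node.properties;
    const hasProps = props !== null && typeof props === 'object' && !Array.isArray(props);
    if (!hasProps) missing.push('properties');
    // Only the literal `false` closes the object: `true`, a sub-schema, or an
    // absent key all allow undeclared fields.
    if (node.additionalProperties !== false) missing.push('additionalProperties');
    if (missing.length > 0) findings.push({ path, missing });
  }
  // Recurse so nested properties and component schemas are checked as well.
  for (const [key, value] of Object.entries(node)) {
    findOpenObjectSchemas(value, `${path}/${escapePointer(key)}`, findings);
  }
  return findings;
}

// Constructed sample: the remediated response schema plus three open schemas.
const sampleDoc = {
  openapi: '3.0.0',
  paths: { '/users/{id}': { get: { responses: { '200': {
    description: 'A user object.',
    content: { 'application/json': { schema: {
      type: 'object',
      properties: {
        name: { type: 'string' }, age: { type: 'integer' },
        email: { type: 'string', format: 'email' },
      },
      additionalProperties: false,
    } } },
  } } } } },
  components: { schemas: {
    Loose: { type: 'object' },
    HalfFixed: { type: 'object', properties: { id: { type: 'string' } } },
    Order: { type: 'object', additionalProperties: false,
      properties: { shipping: { type: 'object', additionalProperties: true } } },
  } },
};

console.log(findOpenObjectSchemas(sampleDoc));
```

The walk is purely structural, so an example payload that happens to contain `type: object` would also be reported.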