Ensure Numeric Schema Maximum Defined

Risk Level: medium
Platform: OpenAPI
Spectral Rule ID: OPENAPI010

REMEDIATION

Define the maximum field for the numeric schema and set it to a reasonable value. You can also use the exclusiveMaximum field to exclude the boundary value from the range. For example:

  type: number
  minimum: 0
  exclusiveMinimum: true
  maximum: 50

The above schema defines a number that must be greater than 0 and less than or equal to 50. The value of maximum must be a number, not a string.
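The check this rule describes can be sketched as a short walker over a parsed API document. This is an added example, not Spectral's own rule code; the function name findUnboundedNumerics and the sample schema are constructed for illustration, and treating a numeric exclusiveMaximum as an upper bound (OpenAPI 3.1 style) is an assumption that goes beyond the page's 2.0/3.0 examples.

```javascript
// Added example: flags numeric schemas with a missing or non-numeric `maximum`.
// Function name and sample document are constructed for illustration.
const NUMERIC_TYPES = new Set(['integer', 'number']);

function findUnboundedNumerics(node, path = '#', findings = []) {
  if (Array.isArray(node)) {
    node.forEach((item, i) => findUnboundedNumerics(item, `${path}/${i}`, findings));
    return findings;
  }
  if (node === null || typeof node !== 'object') return findings;

  if (NUMERIC_TYPES.has(node.type)) {
    // Assumption: a numeric exclusiveMaximum (OpenAPI 3.1) counts as the upper bound.
    const hasNumericExclusive = typeof node.exclusiveMaximum === 'number';
    if (node.maximum === undefined && !hasNumericExclusive) {
      findings.push({ path, problem: 'maximum not defined' });
    } else if (node.maximum !== undefined && typeof node.maximum !== 'number') {
      // The page notes that maximum must be a number, not a string.
      findings.push({ path, problem: 'maximum is not a number' });
    }
  }
  // Recurse into every child so nested properties and parameters are covered.
  for (const [key, child] of Object.entries(node)) {
    findUnboundedNumerics(child, `${path}/${key}`, findings);
  }
  return findings;
}

// Constructed sample, modelled on the product schema shown on this page.
const sampleSchema = {
  type: 'object',
  properties: {
    price: { type: 'number', format: 'float', maximum: 999.99 }, // bounded
    quantity: { type: 'integer' },                               // no maximum
    discount: { type: 'number', maximum: '50' },                 // string, not a number
    rating: { type: 'number', exclusiveMaximum: 5 },             // 3.1-style bound
  },
  additionalProperties: false,
};

const findings = findUnboundedNumerics(sampleSchema);
for (const f of findings) console.log(`${f.path}: ${f.problem}`);
```
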

swagger: '2.0'
# OR
openapi: '3.0.0'
info:
  version: 1.0.0
  title: Sample API
paths:
  /products/`{id}`:
    get:
      parameters:
        - name: id
          in: path
          required: true
          type: integer
+         maximum: 100 # added maximum field
      responses:
        '200':
          description: A product object.
          content:
            application/json:
              schema:
                type: object
                properties:
                  name:
                    type: string
                  price:
                    type: number
                    format: float
+                     maximum: 999.99 # added maximum field
                  quantity:
                    type: integer
+                     maximum: 10 # added maximum field
                additionalProperties: false
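
Review bot: the added `maximum` lines under `price` and `quantity` are indented deeper than their sibling `type` keys, unlike the `maximum: 100` line on the `id` parameter, so once the `+` markers are dropped those two mappings will not parse as intended; align each `maximum` with the `type` key above it. Separately, `type: integer` and `maximum: 100` sit directly on the `id` parameter, which is the Swagger 2.0 layout, while the response uses `content:`, which is the OpenAPI 3.0 layout; for a 3.0 document both keys belong under a `schema:` object on the parameter, so the sample should pick one version and show the bound in the matching place.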
