bharel
Swagger file in relative path
I am having difficulty adding the Swagger file when it is in another directory. The plugin only recognizes the file when it is in the same directory as the file.md
Example of my structure
project
│ test.md
│
└───assets
│ │ └───swagger
│ │ | openapi.json
Attempts to add openapi.json:
./assets/swagger/openapi.json/assets/swagger/openapi.jsonassets/swagger/openapi.json
@miquelis I created another MkDocs plugin to render Swagger UI https://github.com/blueswen/mkdocs-swagger-ui-tag. Which could include OpenAPI Spec file cross directories like include image in MkDocs. Maybe my plugin could fit your requirement.
As written in the docs:
Place an OpenAPI json file in the same folder as the .md file.
That's actually a security feature, to prevent LFI/RFI attacks. We don't want someone to write ../../../../etc/passwd would we 😉
While we have the !!swagger-http!! to compensate, adding a config option to disable the security and allow accessing arbitrary files might be an option.
@bharel the way dotnet webserver handles this is that by default it won't allow a relative path to navigate past the "base" directory. So for example, for mkdocs this would be the same as not allowing navigation beyond the folder with the mkdocs file in it. The check is done by "depth" from the base directory, so if your mkdocs file directoory (base directory) was one directory back from your markdown file, a relative path is only allowed to navigate back 1 directory at most. e.g "../foo.md" would be valid (a foo.md file next to the mkdocs file). Any relative path that attempts to navigate up more than 1 directory would be invalid, for example: "../../foo.md" or "../foo/bar/../../../bat.md" are both invalid. Also even if the full expansion of such a path ends up resolving to a valid subdirectory of the base directory, if it attempts to navigate beyond the base directory it makes it invalid regardless.
