
getResult REST API leads to Web Proxy errors when repositories look like file names

Open brunon opened this issue 1 year ago • 0 comments

The getResult API has this path: /projects/{platform}/{org}/{repo}

As a result, if the repo name looks like a file (for example, with a .cmd extension), then the resulting URL will appear to be an executable file.

For example, take the kids.cmd repository, its getResult URL is this:

https://api.securityscorecards.dev/projects/github.com/0k/kids.cmd

This looks like an executable file.

The problem is that within an organization which has web proxies that block the download of executable code, this URL becomes blocked.

The solution would be simple: modify the openapi.yaml file to add /results.json to the end of the API path:

/projects/{platform}/{org}/{repo}/results.json

The example above would become

https://api.securityscorecards.dev/projects/github.com/0k/kids.cmd/results.json

This would ensure that the URL always looks like a JSON document (which it is) and works around proxy limitations.

brunon, Jul 02 '23 11:07
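The following is an added example, not code from the scorecard-webapp project or from the issue author. It builds the getResult URL in both the current form and the form proposed above, then runs each through a small model of an extension-based proxy rule so you can see why "kids.cmd" trips the rule and "kids.cmd/results.json" does not. The blocked-extension set is a constructed assumption modelled on typical "executable download" proxy rules; real proxies ship their own lists, and the api.securityscorecards.dev base URL is the one quoted in the issue.

```python
from posixpath import splitext
from urllib.parse import quote, urlsplit

# Base URL as quoted in the issue.
API_BASE = "https://api.securityscorecards.dev"

# Constructed block list standing in for a proxy's "executable download"
# rule. This is an assumption for the example; real proxies differ.
BLOCKED_EXTENSIONS = {".exe", ".cmd", ".bat", ".com", ".msi", ".ps1", ".vbs"}


def current_result_url(platform: str, org: str, repo: str) -> str:
    """Current getResult path: /projects/{platform}/{org}/{repo}."""
    segs = (quote(platform, safe=""), quote(org, safe=""), quote(repo, safe=""))
    return f"{API_BASE}/projects/{segs[0]}/{segs[1]}/{segs[2]}"


def proposed_result_url(platform: str, org: str, repo: str) -> str:
    """Path proposed in the issue: the current path with /results.json appended."""
    return current_result_url(platform, org, repo) + "/results.json"


def path_extension(url: str) -> str:
    """Extension of the final path segment, lower-cased; '' when there is none.

    This mirrors the naive check a URL-filtering proxy makes when it decides
    whether a request "looks like" a file download.
    """
    last_segment = urlsplit(url).path.rstrip("/").rsplit("/", 1)[-1]
    return splitext(last_segment)[1].lower()


def proxy_blocks(url: str) -> bool:
    """True if the modelled proxy rule would refuse this URL."""
    return path_extension(url) in BLOCKED_EXTENSIONS


def compare(platform: str, org: str, repo: str) -> dict:
    """Show how the same repository fares under both URL shapes."""
    current = current_result_url(platform, org, repo)
    proposed = proposed_result_url(platform, org, repo)
    return {
        "current": current,
        "current_blocked": proxy_blocks(current),
        "proposed": proposed,
        "proposed_blocked": proxy_blocks(proposed),
    }


if __name__ == "__main__":
    # The repository named in the issue, plus one whose name has no extension.
    for repo in ("kids.cmd", "scorecard"):
        for key, value in compare("github.com", "0k", repo).items():
            print(f"{key:17} {value}")
        print()
```

Only the path is inspected here. A proxy that classifies responses by Content-Type or by scanning the body will treat both URL forms the same way, so the /results.json suffix helps specifically against filters that key on the URL's apparent file extension.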