This page is not created by, affiliated with, or supported by Slack Technologies, Inc.
2017-01-12
Channels
- # aws (21)
- # aws-lambda (8)
- # beginners (53)
- # boot (56)
- # braveandtrue (1)
- # cider (49)
- # cljs-dev (8)
- # cljsjs (1)
- # cljsrn (57)
- # clojure (403)
- # clojure-austin (17)
- # clojure-dusseldorf (10)
- # clojure-greece (9)
- # clojure-spec (57)
- # clojure-uk (144)
- # clojurescript (60)
- # datomic (149)
- # docker (1)
- # emacs (1)
- # hoplon (23)
- # humor (1)
- # jobs (1)
- # leiningen (2)
- # luminus (1)
- # off-topic (1)
- # om (24)
- # om-next (15)
- # onyx (23)
- # protorepl (2)
- # re-frame (58)
- # reagent (90)
- # remote-jobs (1)
- # ring-swagger (4)
- # slackpocalypse (1)
- # spacemacs (2)
- # specter (18)
- # untangled (4)
- # vim (1)
- # yada (27)
I've just been asked by a security team to remove Swagger from our API. I'm not quite sure what to replace yada/swaggered
by, in the snippet below:
bidi/RouteProvider
(routes [_]
["" [[base-url (yada/swaggered
(:routes api)
{:info {:title "API"
:version "1.0"
:description "SWARM Implementation"}
:basePath base-url})]]])
I have tried a couple of options, like yada/handler
and yada/resource
but my understanding of yada is still very limited, so I don't know what I'm doing. Any pointers?@naartjie have you tried removing the yada/swaggered
form entirely, leaving just the routes it wraps (:routes api)
but why would your security people want you to remove swagger @naartjie ? all it does is call your api - the only additional security you get from removing swagger is security through obscurity, and that is certainly crappy security
@mccraigmccraig yup, i've tried this way:
["" [[base-url (:routes api)]]]
returns 500 with :`java.lang.IllegalArgumentException: No implementation of method: :match-pattern of protocol: #'bidi.bidi/Pattern found for class: nil`@naartjie that's basically what you want to do - have a look at the structure of (:routes app)
and make it conform to what bidi needs... i often have trouble with bidi syntax fwiw
> only additional security you get from removing swagger is security through obscurity, and that is certainly crappy security @mccraigmccraig totally agree with you. I've been asked to remove it, and I don't want to fight it, it's not worth my wasted time.
@naartjie you can remove the swaggered wrapping. See the yada docs at https://juxt.pro/yada and apply the swaggered instructions in reverse
@mccraigmccraig you were right, something is wrong with my routes, if I do ["/" (yada/yada "Hello, World")]
it works. Weird that it was working with swagger.
If you ever need to 'convert' routes to a single route, wrap in ["" routes ]
@mccraigmccraig I agree it's confusing
Not the best design
@malcolmsparks yeah, it's fine once i go and read the docs... but then i only make incremental changes for a while and when i next have to make more substantial changes i've forgotten everything again
thanks @malcolmsparks, what tripped me up was ["" routes]
not working, but I should have tried the most basic case first
@malcolmsparks could you expand a bit, how do you mean convert to a single route? i.e. if routes is something like [["/" index] ["/api" api]]
then wrapping it in ["" routes]
? I'm just a bit confused as to what that would give you.
In the response of a multi-param, the :bytes param contains "#object[[B 0x5f7d0ec4 [B@5f7d0ec4]" which is created with (byte-streams/convert coll (class (byte-array 0)))
. How can I access the data in it, and how could I save this to disk?
you could do (spit “data” (into [] (byte-array 10) ))
@zamaterian no this didn't work. It saves [12 123 314 ...] to the file.
@danielgrosse https://github.com/clojure-cookbook/clojure-cookbook/blob/master/04_local-io/4-19_handle-binary-files.asciidoc
@naartjie yes, [["/" index] ["/api" api]]
isn't a valid bidi route - but ["" [["/" index] ["/api" api]]]
is