-
-
Notifications
You must be signed in to change notification settings - Fork 155
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
[BUG] curl code samples omit non-printable characters #2159
Comments
Thank you for reporting! |
Thinking about it a bit more, maybe just do something as simple as displaying a warning along the lines of “This test involves characters which are difficult to portably represent in shell commands. Here's the Python version:” and override the code sample language? I'd assume that most people using this tool wouldn't be terribly surprised by that and it's something of an edge case so it makes sense to switch to the alternative you already have. |
I like the idea and wording that you proposed! An alternative I was thinking about is showing the cURL command without headers that contain such characters and then displaying headers separately in the warning message, but probably it would not be as useful. Got to research if it could be possible to detect the shell and display the headers properly. |
Checklist
Describe the bug
I had a FastAPI endpoint which accidentally leaked the header definition for
X-Forwarded-For
into the OpenAPI docs and that caused a Schemathesis run to fail, emitting a curl sample like this:curl -X GET -H 'x-forwarded-for: 0' http://localhost:8000/search/latest-magazines
That worked without error when I tried to reproduce, but I knew it was failing based on my service's logs. I added
--code-sample-style=python
and the cause became clear:To Reproduce
Please include a minimal API schema causing this issue:
Expected behavior
Ideally the curl examples would either include the escaped values — but this introduces shell-specific behaviour since you'd need to use something like
curl -H "X-Forwarded-For: $(printf '\01f')" …
so it might be effective to simply alert the user with a text message that the curl sample is incomplete. In my case, the fact that it printed without a warning and with what appears to be a complete string was somewhat confusingEnvironment
The text was updated successfully, but these errors were encountered: