voxpupuli / json-schema

Ruby JSON Schema Validator
MIT License

Refs including ".." in path do not work #370

Open codymartin2005 opened 7 years ago

codymartin2005 commented 7 years ago

Hello,

First of all, great library. Thank you for sharing.

I've encountered an issue where some of the JSON schemas we use include $refs that point up to a higher directory (ex: "../shared"). When these are encountered, the library does not pull these in correctly and tries to locate the file at the current working directory.

Any idea on how to get around this for the time being?

Thanks, Cody

jlblcc commented 7 years ago

I also had this issue when using $ref with relative links. I had to pre-load the schemas to get it to work. Something like the following:

    require 'json-schema'
    require 'addressable/uri'

    # List every schema file tracked under the schema directory
    # (@@dir and TestHelper.load_json are this test suite's own helpers).
    schemas = `git ls-files #{@@dir}/schema`.split($/)

    schemas.each do |schema|
      # Register each schema under its bare filename so that $ref lookups by
      # name are served from the validator's cache instead of the working directory.
      name = File.basename(schema)
      jschema = JSON::Schema.new(TestHelper.load_json(schema), Addressable::URI.parse(name))
      JSON::Validator.add_schema(jschema)
    end

See also #190.

codymartin2005 commented 7 years ago

Thank you @jlblcc. I added this in and did a quick test and it seems to work almost 100% of the time for me (in the past 5 minutes).

I'm running several different tests through rspec now and it seems like every few runs it still can't find them in spite of being added in this way. I'll keep poking around on this to see if there is something else going on.

Thanks again, Cody

RST-J commented 7 years ago

SECURITY is what immediately comes to my mind when you ask for such directory traversal stuff. Not to say that it couldn't be done, but in terms of finding compromises between security and convenience I am not willing to let go of crucial security. First thought would be an error message like: '<contents of /etc/passwd or /etc/shadow> is not a valid schema'.

That said we could discuss any potential changes to make usage more comfortable.

But to get things clear, could you provide an MWE (minimal working example) of the scenario you refer to?

And, for completeness: Another workaround would be to use a custom schema loader.
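The two workarounds in this thread (pre-loading schemas, or a custom schema loader) and the traversal concern RST-J raises can be put together in one place: a loader that resolves a relative `$ref` such as `../shared/address.json` against the file that contains it, but refuses any result that lands outside a configured schema root. The example below is added here for illustration and is not code from the json-schema gem or from anyone in this thread; `ConfinedSchemaLoader`, `build_fixture` and `demo` are hypothetical names, and the schema files it writes to a temporary directory are constructed for the demonstration. The gem's own `JSON::Schema::Reader` accepts an `accept_file` predicate where a check like `resolve` below would be plugged in; the example keeps the check gem-independent so it runs with stock Ruby.

```ruby
require 'json'
require 'pathname'
require 'tmpdir'
require 'fileutils'

# Hypothetical loader (not part of the json-schema gem): resolves relative
# $ref paths, "../" included, against the referring file, but refuses any
# path that escapes the configured root directory.
class ConfinedSchemaLoader
  class EscapesRootError < StandardError; end

  def initialize(root)
    @root = Pathname.new(root).realpath # resolve symlinks in the root up front
  end

  # Resolve +ref+ relative to +base_file+ and return the absolute Pathname.
  # Raises EscapesRootError when the target lies outside the root, either
  # lexically ("../" climbing past it) or via a symlink. Absolute URIs and
  # fragment-only refs ("#/definitions/x") are out of scope and rejected.
  def resolve(base_file, ref)
    path_part = ref.split('#', 2).first.to_s
    if path_part.empty? || path_part.include?('://')
      raise ArgumentError, "only relative file refs are handled: #{ref}"
    end

    base_dir = Pathname.new(base_file).expand_path.dirname
    candidate = (base_dir + path_part).expand_path # normalises "." and ".."
    assert_inside!(candidate, ref, base_file)       # lexical check first: no FS access needed

    real = candidate.realpath # Errno::ENOENT if the schema file is missing
    assert_inside!(real, ref, base_file)            # symlink inside root pointing outside
    real
  end

  # Resolve and parse the referenced schema document.
  def load(base_file, ref)
    JSON.parse(File.read(resolve(base_file, ref)))
  end

  private

  def assert_inside!(path, ref, base_file)
    inside = path == @root || path.to_s.start_with?(@root.to_s + File::SEPARATOR)
    return if inside
    raise EscapesRootError, "#{ref} (from #{base_file}) resolves outside #{@root}"
  end
end

# Constructed fixture: <root>/api/user.json refers to ../shared/address.json,
# mirroring the "point up to a higher directory" layout from the issue.
def build_fixture
  root = Dir.mktmpdir('schemas')
  FileUtils.mkdir_p(File.join(root, 'api'))
  FileUtils.mkdir_p(File.join(root, 'shared'))
  File.write(File.join(root, 'shared', 'address.json'), JSON.generate(
    'type' => 'object', 'properties' => { 'city' => { 'type' => 'string' } }
  ))
  File.write(File.join(root, 'api', 'user.json'), JSON.generate(
    'type' => 'object', 'properties' => { 'address' => { '$ref' => '../shared/address.json' } }
  ))
  root
end

# Returns [legitimate_ref_loaded, escaping_ref_blocked].
def demo
  root = build_fixture
  loader = ConfinedSchemaLoader.new(root)
  base = File.join(root, 'api', 'user.json')

  loaded = loader.load(base, '../shared/address.json')['properties'].key?('city')

  blocked = begin
    loader.resolve(base, '../../../../../../etc/passwd')
    false
  rescue ConfinedSchemaLoader::EscapesRootError
    true
  end

  [loaded, blocked]
end

puts demo.inspect if $PROGRAM_NAME == __FILE__
```

The lexical check runs before `realpath` so an escaping ref is rejected without touching the filesystem, and the second check after `realpath` catches a symlink that sits inside the root but points outside it. Registering schemas by bare filename, as in the earlier workaround, avoids the traversal question entirely but also means two files with the same basename in different directories collide, which is one reason to prefer a root-confined loader when the schema tree is deep.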