()
| 576 | } |
| 577 | |
| 578 | func (a *api) registerDocsRoute() { |
| 579 | openAPIPath := a.config.OpenAPIPath |
| 580 | if prefix := getAPIPrefix(a.OpenAPI()); prefix != "" { |
| 581 | openAPIPath = path.Join(prefix, openAPIPath) |
| 582 | } |
| 583 | |
| 584 | var title string |
| 585 | var csp []string |
| 586 | var body []byte |
| 587 | |
| 588 | if a.config.Info != nil && a.config.Info.Title != "" { |
| 589 | title = a.config.Info.Title + " Reference" |
| 590 | } |
| 591 | |
| 592 | if a.config.DocsRenderer == "" { |
| 593 | a.config.DocsRenderer = DocsRendererStoplightElements |
| 594 | } |
| 595 | |
| 596 | switch a.config.DocsRenderer { |
| 597 | case DocsRendererScalar: |
| 598 | if title == "" { |
| 599 | title = "Scalar in HTML" |
| 600 | } |
| 601 | |
| 602 | csp = []string{ |
| 603 | "default-src 'none'", |
| 604 | "base-uri 'none'", |
| 605 | "connect-src 'self'", |
| 606 | "form-action 'none'", |
| 607 | "frame-ancestors 'none'", |
| 608 | "sandbox allow-same-origin allow-scripts allow-popups allow-popups-to-escape-sandbox", |
| 609 | "script-src 'unsafe-eval' https://unpkg.com/@scalar/api-reference@1.44.20/dist/browser/standalone.js", // TODO: Somehow drop 'unsafe-eval' |
| 610 | "style-src 'unsafe-inline'", // TODO: Somehow drop 'unsafe-inline' |
| 611 | } |
| 612 | |
| 613 | body = []byte(`<!doctype html> |
| 614 | <html lang="en"> |
| 615 | <head> |
| 616 | <meta charset="utf-8"> |
| 617 | <meta name="referrer" content="no-referrer"> |
| 618 | <meta name="viewport" content="width=device-width, initial-scale=1"> |
| 619 | <title>` + title + `</title> |
| 620 | </head> |
| 621 | <body> |
| 622 | <script id="api-reference" data-url="` + openAPIPath + `.json"></script> |
| 623 | <script src="https://unpkg.com/@scalar/api-reference@1.44.20/dist/browser/standalone.js" crossorigin integrity="sha384-tMz7GAo6dMy55x9tLFtH+sHtogji6Scmb+feBR31TAHmvSPRUTboK9H3M5NFaP4R"></script> |
| 624 | </body> |
| 625 | </html>`) |
| 626 | case DocsRendererStoplightElements: |
| 627 | if title == "" { |
| 628 | title = "Elements in HTML" |
| 629 | } |
| 630 | |
| 631 | csp = []string{ |
| 632 | "default-src 'none'", |
| 633 | "base-uri 'none'", |
| 634 | "connect-src 'self'", |
| 635 | "form-action 'none'", |
no test coverage detected