From 009cc9bfe988f8ff457b28630164d5307aa18670 Mon Sep 17 00:00:00 2001
From: Dmitry Litovchenko <i@dlitovchenko.net>
Date: Fri, 3 May 2024 23:56:10 +0500
Subject: [PATCH] Fixed xss availability

---
 Controllers/EnvController.cs   | 2 +-
 Controllers/UsersController.cs | 2 +-
 openapi-spec.yml               | 8 ++++----
 3 files changed, 6 insertions(+), 6 deletions(-)

diff --git a/Controllers/EnvController.cs b/Controllers/EnvController.cs
index ee71d5c..6364163 100644
--- a/Controllers/EnvController.cs
+++ b/Controllers/EnvController.cs
@@ -3,7 +3,7 @@
 namespace dvcsa.Controllers;
 
 [ApiController]
-[Route("/api/.[controller]")]
+[Route("/api/.env")]
 public class EnvController : ControllerBase
 {
     [HttpGet(Name = "GetEnv")]
diff --git a/Controllers/UsersController.cs b/Controllers/UsersController.cs
index 2846984..e6e736d 100644
--- a/Controllers/UsersController.cs
+++ b/Controllers/UsersController.cs
@@ -45,7 +45,7 @@ public ActionResult<string> SearchForUser(string name)
         var user = _context.Users.FirstOrDefault(u => u.Name == name);
         if (user == null)
         {
-            return NotFound($"User {name} not found");
+            return Content($"User {name} not found", "text/html");
         }
         return Ok($"{user.Name} - {user.Password}");
     }
diff --git a/openapi-spec.yml b/openapi-spec.yml
index 271789a..5bed4cc 100644
--- a/openapi-spec.yml
+++ b/openapi-spec.yml
@@ -27,15 +27,15 @@ info:
   version: "0.1"
 openapi: 3.0.0
 paths:
-  /api/.Env:
+  /api/.env:
     get:
-      operationId: api_.Env_GET
+      operationId: api_.env_GET
       responses:
         default:
           description: Default response
-      x-name: api_.Env_GET
+      x-name: api_.env_GET
       x-source: Controllers/EnvController.cs~~9
-    x-name: api_.Env
+    x-name: api_.env
   /api/Users:
     get:
       operationId: api_Users_GET