lib/rswag/api/middleware.rb in rswag-api-2.12.0 vs lib/rswag/api/middleware.rb in rswag-api-2.13.0

- old
+ new

@@ -3,24 +3,22 @@ require 'rack/mime' module Rswag module Api class Middleware - def initialize(app, config) @app = app @config = config end def call(env) path = env['PATH_INFO'] # Sanitize the filename for directory traversal by expanding, and ensuring # its starts with the root directory. - filename = File.expand_path(File.join(@config.resolve_swagger_root(env), path)) - unless filename.start_with? @config.resolve_swagger_root(env).to_s - return @app.call(env) - end + openapi_root = @config.resolve_openapi_root(env) + filename = File.expand_path(File.join(openapi_root, path)) + return @app.call(env) unless filename.start_with? openapi_root.to_s if env['REQUEST_METHOD'] == 'GET' && File.file?(filename) swagger = parse_file(filename) @config.swagger_filter.call(swagger, env) unless @config.swagger_filter.nil? mime = Rack::Mime.mime_type(::File.extname(path), 'text/plain') @@ -28,14 +26,14 @@ body = unload_swagger(filename, swagger) return [ '200', headers, - [ body ] + [body] ] end - return @app.call(env) + @app.call(env) end private def parse_file(filename)
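Review bot: The containment check in `call`, `return @app.call(env) unless filename.start_with? openapi_root.to_s`, is a raw string-prefix comparison, so an expanded path in a sibling directory whose name begins with the root's name is still treated as inside the root (constructed example: root `/srv/openapi`, sibling `/srv/openapi_internal`). The root is also compared without being expanded, so a relative root would, as far as this hunk shows, never match the absolute `filename` and every request would fall through to `@app`. Normalizing the root and comparing with a trailing separator addresses both: `openapi_root = File.expand_path(@config.resolve_openapi_root(env).to_s)` and `return @app.call(env) unless filename.start_with?(openapi_root + File::SEPARATOR)`. `File.expand_path` does not resolve symlinks, so a `File.realpath` comparison is worth considering if the root can contain links. The body of `call` continues outside this hunk, and `parse_file` is not visible here.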