Sometimes a Server definition
url contains ‘example.com’, added during testing phases. Sometimes this is left in when the specification
is pushed to production.
Unless the user is the owner of ‘example.com’, it’s probably a good idea to check for this and any other example-type domains used.
Why did this violation appear?
‘example.com’ was found in the
url property of a Server definition.
openapi: 3.1 servers: - url: "https://example.com" ...
openapi: 3.1 servers: - url: "https://quobix.com/vacuum/api" description: "Central API endpoint for the vacuum endpoint" ...
How do I fix this violation?
Remove ‘example.com’ and replace it with something, literally anything other than that.
The rule is equivalent to oas3-host-not-example