Quick question: does the OpenAPI spec requires URL canonicalization for validators before matching the current URL against the paths? Once more, I'm seeing that the validator that's being used seems to be flawed because it will apply the rule to /abc/path, but not to /abc/path/ (notice the extra /).
Thanks.
The OAS defers questions of URL normalization and equivalence to the relevant standards for URIs/URLs: RFC3986 (in general) and RFC9110 (for http: and https: specific rules).
So the issue here is that no standard defines an equivalence between /abc/path and /abc/path/. RFC9110 only defines that a path consisting of only "/" is equivalent to an empty path. But not that a trailing "/" in general is equivalent to the path without the trailing "/". It just happens to be a common convention that they are the same. So the OAS can't mandate anything here because it's valid to create an API where /abc/path and /abc/path/ locate different resources. It might not be a good idea, but it's allowed by RFC9110.
PS: OASComply is on indefinite hold (I am the author). It was a proof-of-concept that proved taht the spec had ambiguities, so we made OAS 3.0.4 and 3.1.1 to improve that situation and will continue this work with 3.2 this year. We'll get back to OASComply eventually.