Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Trailing-slash normative requirement for resource identifiers is missing #41

Closed
jordan2175 opened this issue Feb 14, 2018 · 11 comments
Closed

Comments

@jordan2175
Copy link

@jordan2175 jordan2175 commented Feb 14, 2018

All of the examples and resource definitions call out that the TAXII resources have a trailing slash. However, we forgot to add a normative statement saying as much. I propose we add a simple normative statement that says "All TAXII resources MUST have a trailing slash, as shown in their definitions." Or something like that.

@MarkDavidson
Copy link

@MarkDavidson MarkDavidson commented Feb 20, 2018

I'd like to propose that the title be changed to: "Trailing-slash requirement for resource identifiers is missing".

With that, 👍 to solving this problem.

Loading

@jordan2175 jordan2175 changed the title The need for adding a trailing slash on resources is missing from normative statements Trailing-slash normative requirement for resource identifiers is missing Feb 20, 2018
@jordan2175
Copy link
Author

@jordan2175 jordan2175 commented Feb 20, 2018

We discussed this on the working call on 2018-02-20 with the following 15 TC members (Bret Jordan, Trey Darley, Chris Ricard, Christian Hunt, Dan Dye, Dave Lemire, Drew Varner, Efrain Ortiz, Gary Katz, Jane Ginn, John-Mark Gurney, John Wunder, Nicholas Hayden, Paul Patrick, Rich Piazza).

There was no objection to adding a normative statement that says all resource endpoints MUST have a trailing slash.

Loading

@jordan2175
Copy link
Author

@jordan2175 jordan2175 commented Feb 22, 2018

I added the following text to section 3.1

All TAXII endpoints MUST have a trailing slash "/" at the end of the resource. For example:

A request for a resource //collections//objects//
A request for a resource with some filter parameters //collections//objects//?match[type]=indicator

Loading

@jordan2175 jordan2175 added this to the TAXII-2.1-CSD01 milestone Feb 22, 2018
@jordan2175 jordan2175 added this to In progress in TAXII-2.1 Feb 22, 2018
@johnwunder
Copy link

@johnwunder johnwunder commented Feb 23, 2018

I don't have any issues with this change, I wasn't at the plugfest where it came up.

I do think it will end up being a gotcha for some clients so we should make sure to have it in an FAQ. Many services just transparently deal with requests as if the trailing / doesn't matter, so clients get used to being imprecise. This will probably be exacerbated by some servers continuing to allow requests if the trailing slash is missing.

Loading

@varnerac
Copy link

@varnerac varnerac commented Feb 28, 2018

All TAXII endpoint URL paths MUST end in a trailing slash "/"

that may be more specific than "at the end of a resource" since path is explained in RFC-7230 separate than other URL components like query

Loading

@jordan2175
Copy link
Author

@jordan2175 jordan2175 commented Mar 20, 2018

Discussed on working call on 2018-03-20. John-Mark might make some additional comments on this, but for now this change has been made.

Loading

@jmgnc
Copy link

@jmgnc jmgnc commented Mar 22, 2018

So, reading RFC7230, I don't see a point about paths needing to end in a trailing slash. I didn't closely read the whole thing, but didn't see any obvious requirements.

Loading

@varnerac
Copy link

@varnerac varnerac commented Mar 23, 2018

I don't think it's an RFC 7230 issue. It's just specified "3.1 Endpoints" table and elsewhere in TAXII 2.0 CS01 that way. I think the point is to clarify that the trailing / is a normative requirement.

My comment above

All TAXII endpoint URL paths MUST end in a trailing slash "/"

isn't meant to imply that RFC-7230 requires the /. I'm just trying to describe where the / belongs using terms describing a URL from RFC-7230, instead of "at the end of a resource". Specifically using "path" from 2.7. Uniform Resource Identifiers.

Loading

@jordan2175 jordan2175 moved this from In progress to Done in TAXII-2.1 Apr 11, 2018
@jmgnc
Copy link

@jmgnc jmgnc commented May 14, 2018

I'm fine w/ this, but at the same time, I'm a bit torn by requiring single item instances like fetching an object by it's UUID to us a trailing slash. Trailing slash indicates a directory, and that there is more than one "entity" under there.

But forcing all paths to end w/ a slash is easier and more consistent.

Loading

@varnerac
Copy link

@varnerac varnerac commented May 14, 2018

The thing about fetching an object is that it actually returns object versions. I see your point though.

Loading

@jordan2175
Copy link
Author

@jordan2175 jordan2175 commented May 14, 2018

It is critical to remember that this is not a change from 2.0. This is the behavior that we all agreed to way back in 2.0 (it was originally requested by EclecticIQ from their API experience) and we tried to put it in the document, but found later, that we did not do a good enough job clarifying it. So this is all about adding the clarifying text.

Loading

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Projects
No open projects
TAXII-2.1
  
Done
Linked pull requests

Successfully merging a pull request may close this issue.

None yet
5 participants