Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Add examples demonstrating cached objects and index property #382

Closed
ghost opened this issue Apr 17, 2019 · 0 comments
Closed

Add examples demonstrating cached objects and index property #382

ghost opened this issue Apr 17, 2019 · 0 comments
Labels
2.1.0-CSD.1 Will be fixed in SARIF v2.1.0 CSD.1. impact-documentation-only merged Changes merged into provisional draft. non-substantive Change falls under editorial discretion resolved-fixed

Comments

@ghost
Copy link

ghost commented Apr 17, 2019

This is what I wrote in an email to Ykaterina. She suggested I include it in the spec:

EXAMPLE 1: In this example, thisObject is an element of theRun.requests. We know what array index it’s at (0) so thisObject.index isn’t required: it MAY be present. But if it’s present, it had better equal that array index.

{                                 # A run object
  "requests": [
    {                             # A request object: thisObject.
      "index": 0,                 # Optional.
      "protocol": "HTTP",
      "version": "1.1",
      "method": "GET",
      "target": "/some/resource",
      "headers": {
        "Host": "www.example.com"
      },
      ...
    }
  ],
  ...
}

EXAMPLE 2: In this example, thisObject is not an element of theRun.Request. Rather, it’s the value of theResult.request. And in this example, there is no “cached” object. That is, there is no object in theRun.requests that provides additional information for thisObject. In fact, in this example, theRun.requests doesn’t exist at all. All the information is inline in theResult.request. Since there is no cached object for thisObject, thisObject.index SHALL NOT be present.

{                                 # A run object
  "results": [
    {                             # A result object.
      "ruleId": "WEB1001",
      "request": {                # A request object: thisObject. It has no index property. There is no cached object.
        "protocol": "HTTP",
        "version": "1.1",
        "method": "GET",
        "target": "/some/resource",
        "headers": {
          "Host": "www.example.com"
        },
        ...
      },
      ...
    }
  ]
}

EXAMPLE 3: Finally, in this example, thisObject is again the value of theResult.request, not an element of theRun.requests. But in this case, there is a cached object, an element of theRun.requests that provides additional information for thisObject. thisObject provides only the target property. Since we need to populate the remaining properties of thisObject from the cached object, thisObject.index SHALL be present.

{                                 # A run object
  "requests": [
    {                             # A request object: the cached object.
      "protocol": "HTTP",
      "version": "1.1",
      "method": "GET",
      "headers": {
        "Host": "www.example.com"
      },
      ...
    }
  ],

  "results": [
    {                             # A result object.
      "ruleId": "WEB1001",
      "request": {                # A request object: thisObject. It has an index property...
        "index": "0",             # ... so it can get the missing properties from the cached object.
        "target": "/some/resource"
      },
      ...
    }
  ]
}
@ghost ghost added 2.1.0-CSD.1 Will be fixed in SARIF v2.1.0 CSD.1. non-substantive Change falls under editorial discretion to-be-written labels Apr 17, 2019
@ghost ghost self-assigned this Apr 17, 2019
ghost pushed a commit that referenced this issue Apr 20, 2019
Change draft + merge for #380 and #382: editorial: examples.
c5d4849
@ghost ghost closed this as completed Apr 20, 2019
@ghost ghost added the merged Changes merged into provisional draft. label Apr 20, 2019
This issue was closed.
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
2.1.0-CSD.1 Will be fixed in SARIF v2.1.0 CSD.1. impact-documentation-only merged Changes merged into provisional draft. non-substantive Change falls under editorial discretion resolved-fixed
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
0 participants