OASIS Static Analysis Results Interchange Format (SARIF) TC

 View Only
  • 1.  #378: request failure properties

    Posted 04-25-2019 19:41
    I created and merged a change draft for Jim’s Issue #378 , “Add properties to describe failed requests”.   https://github.com/oasis-tcs/sarif-spec/blob/master/Documents/ChangeDrafts/Accepted/sarif-v2.0-issue-378-request-failure-properties.docx   After feedback from MS, we accepted Jim’s original proposal to put the properties on the webResponse object. I chose the name noResponseReceived for the Boolean property.   Rather than introducing a new property failureMessage , I overloaded the existing webResponse.reasonPhrase property (which normally holds, for example, "OK" on 200 or "Not found" for 404) to hold the failure message in the “no response received” case.   Please take a look!   Next is Yekaterina’s Issue #381 , “Associate descriptor metadata with thread flow locations”. (This is the “helper rule” feature.)   Larry


  • 2.  RE: #378: request failure properties

    Posted 04-29-2019 16:36
    In 3.46.9,   “ If no response to the HTTP request was received (for example, because of a network failure), the webRequest object SHALL contain a property named noResponseReceived whose value is a Boolean true . ”   Should be:   “ If no response to the HTTP request was received (for example, because of a network failure), the webResponse object SHALL contain a property named noResponseReceived whose value is a Boolean true . ”   k   From: sarif@lists.oasis-open.org [mailto:sarif@lists.oasis-open.org] On Behalf Of Larry Golding (Myriad Consulting Inc) Sent: Thursday, April 25, 2019 12:41 PM To: OASIS SARIF TC Discussion List <sarif@lists.oasis-open.org> Subject: [sarif] #378: request failure properties Importance: High   I created and merged a change draft for Jim’s Issue #378 , “Add properties to describe failed requests”.   https://github.com/oasis-tcs/sarif-spec/blob/master/Documents/ChangeDrafts/Accepted/sarif-v2.0-issue-378-request-failure-properties.docx   After feedback from MS, we accepted Jim’s original proposal to put the properties on the webResponse object. I chose the name noResponseReceived for the Boolean property.   Rather than introducing a new property failureMessage , I overloaded the existing webResponse.reasonPhrase property (which normally holds, for example, "OK" on 200 or "Not found" for 404) to hold the failure message in the “no response received” case.   Please take a look!   Next is Yekaterina’s Issue #381 , “Associate descriptor metadata with thread flow locations”. (This is the “helper rule” feature.)   Larry