rpiazza
commented
7 months ago Can you show me a specific instance? I see that some of the lines of the properties have an extra space after the ", but I don't think that is illegal JSON
Closed dunkeki closed 7 months ago
rpiazza
commented
7 months ago Can you show me a specific instance? I see that some of the lines of the properties have an extra space after the ", but I don't think that is illegal JSON
dunkeki
commented
7 months ago Jan 22, 2024 8:13:16 AM com.peraton.taxii4j2.proxy.github.LoadableRef log INFO: extension-definition--0d4dda28-1b6c-446a-be85-38b9d9cd297c: field .modified required trimming
Jan 22, 2024 8:13:20 AM com.peraton.taxii4j2.proxy.github.LoadableRef log INFO: extension-definition--8f0b8ed7-c7ad-4650-babe-c4c45cac4a0b: field .modified required trimming
These are trailing spaces inside the quoted timestamp value. I first came across them when my timestamp parser barfed. I've added screening of incoming objects (that's where the log messages above came from) and have relaxed (made safer?) my timestamp parsing, but it's your and the greater community's decision as to what's right or wrong (as if there were such a thing :) )
Thanks, Kirk
rpiazza
commented
7 months ago Done!
some objects (most of the marking definition objects for some reason) have timestamps with trailing spaces. your call, but feels out of spec for me...
I am currently remediating objects from this repo as I use them by removing empty array fields (haven't seen one yet in this repo, BTW, but came across a bunch in ATT&CK objects) and trimming text fields (to accommodate the questionable timestamp and URL values)...
thanks