search

oasis-tcs / cti-stix2

OASIS CTI TC: Provides issue tracking and wiki pages for the STIX 2.x Work Products
https://github.com/oasis-tcs/cti-stix2
Other
24 stars 9 forks source link

6.12.2 HTTP Request Extension example is invalid: request_header must be a list of type string #325

Closed clenk closed 6 months ago

clenk commented 7 months ago

Description for the request_header property says:

The corresponding value for each dictionary key MUST always be a list of type string to support when a header field is repeated.

But this is in the example below the properties table:

    "http-request-ext": {
      "request_method": "get",
      "request_value": "/download.html",
      "request_version": "http/1.1",
      "request_header": {
        "Accept-Encoding": "gzip,deflate",
        "User-Agent": "Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.6) Gecko/20040113",
        "Host": "www.example.com"
      }
    }

Seems like it should be 

    "http-request-ext": {
      "request_method": "get",
      "request_value": "/download.html",
      "request_version": "http/1.1",
      "request_header": {
        "Accept-Encoding": ["gzip,deflate"],
        "User-Agent": ["Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.6) Gecko/20040113"],
        "Host": ["www.example.com"]
      }
    }

See https://github.com/oasis-open/cti-stix2-json-schemas/issues/152

ejratl commented 7 months ago

related to #277