[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]
Subject: Updated text for DELETE endpoint
|
All,
Based on the working call today, here is the current text for the DELETE endpoint. Please review. Thank you again to all that have reviewed WD02 and have provided feedback for WD03.
Bret
This Endpoint deletes an object from a Collection by its id. For STIX 2 objects, the {object-id} MUST be the STIX id. If the Collection specifies can_write as false for a particular client, this Endpoint MUST return an HTTP 401 (Unauthorized), HTTP 403 (Forbidden), or HTTP 404 (Not Found) error. If the Collection specifies can_write as true and can_read as false for a particular client, this Endpoint MUST return an HTTP 401 (Unauthorized), HTTP 403 (Forbidden), or HTTP 404 (Not Found) error. If a DELETE operation were to work on a write only collection, the result would leak information about the presence, or lack thereof, of an object in the collection. To support removing a particular version of an object, this Endpoint supports filtering as defined in section 3.4. The only valid match parameter is version. When a TAXII Server returns a successful response code of 200 to a DELETE, any subsequent attempts to fetch that object from the collection using the Get Objects Endpoint MUST return either an HTTP 401 (Unauthorized) or an HTTP 404 (Not Found) response. Furthermore, any subsequent attempts to fetch the collection manifest or its contents MUST NOT return the object in the result. Subsequent attempts to fetch the object from other collections present on the TAXII server MAY also return an HTTP 404 (Not Found) response, and subsequent attempts to fetch the collection manifest or its contents of other collections which contained the object MAY not return the object in the result. |
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]