ocket8888 commented on issue #6788: URL: https://github.com/apache/trafficcontrol/issues/6788#issuecomment-1110599413
Incidentally, this also manifests when creating a DSR with a `createdAt` and/or `lastUpdated`. If, for example, set to the empty string, it will fail to decode as JSON and send back a `400 Bad Request` response (albeit this time with a somewhat more helpful message). Also, I didn't test it, but I suspect this means that one can submit invalid edits to a DSR by simply swapping out the ID in the body with the ID of a DSR for which the edits _would_ be valid, which is a much bigger deal, but also probably pretty hard to get wrong. -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: [email protected] For queries about this service, please contact Infrastructure at: [email protected]
