Success Response Code Undefined for Delete Operation (v3)
- Query id: 3b497874-ae59-46dd-8d72-1868a3b8f150
- Query name: Success Response Code Undefined for Delete Operation (v3)
- Platform: OpenAPI
- Severity: Low
- Category: Networking and Firewall
- CWE: 665
- URL: Github
Description¶
Delete should define at least one success response (200, 201, 202 or 204)
Documentation
Code samples¶
Code samples with security vulnerabilities¶
Positive test num. 1 - json file
{
"openapi": "3.0.0",
"info": {
"title": "Simple API",
"version": "1.0.0"
},
"paths": {
"/item": {
"delete": {
"operationId": "deleteItem",
"summary": "Delete item",
"responses": {
"default": {
"description": "Error"
}
}
}
}
}
}
Positive test num. 2 - json file
{
"openapi": "3.0.0",
"info": {
"title": "Simple API",
"version": "1.0.0"
},
"paths": {
"/item": {
"delete": {
"operationId": "deleteItem",
"summary": "Delete item",
"responses": {
"default": {
"description": "Error"
}
}
},
"patch": {
"operationId": "updateItem",
"summary": "Update item",
"responses": {
"204": {
"description": "Item updated successfully"
},
"default": {
"description": "Error"
}
}
}
}
}
}
Positive test num. 3 - yaml file
openapi: 3.0.0
info:
title: Simple API
version: 1.0.0
paths:
"/item":
delete:
operationId: deleteItem
summary: Delete item
responses:
default:
description: Error
Positive test num. 4 - yaml file
Positive test num. 5 - json file
{
"swagger": "2.0",
"info": {
"title": "Simple API",
"version": "1.0.0"
},
"paths": {
"/item": {
"delete": {
"operationId": "deleteItem",
"summary": "Delete item",
"responses": {
"default": {
"description": "Error"
}
}
},
"patch": {
"operationId": "updateItem",
"summary": "Update item",
"responses": {
"204": {
"description": "Item updated successfully"
},
"default": {
"description": "Error"
}
}
}
}
}
}
Positive test num. 6 - yaml file
Code samples without security vulnerabilities¶
Negative test num. 1 - json file
{
"openapi": "3.0.0",
"info": {
"title": "Simple API",
"version": "1.0.0"
},
"paths": {
"/item": {
"delete": {
"operationId": "deleteItem",
"summary": "Delete item",
"responses": {
"204": {
"description": "Item deleted successfully"
},
"default": {
"description": "Error"
}
}
},
"patch": {
"operationId": "updateItem",
"summary": "Update item",
"responses": {
"default": {
"description": "Error"
}
}
}
}
}
}
Negative test num. 2 - yaml file
openapi: 3.0.0
info:
title: Simple API
version: 1.0.0
paths:
"/item":
delete:
operationId: deleteItem
summary: Delete item
responses:
"204":
description: Item deleted successfully
default:
description: Error
patch:
operationId: updateItem
summary: Update item
responses:
default:
description: Error
Negative test num. 3 - json file
{
"swagger": "2.0",
"info": {
"title": "Simple API",
"version": "1.0.0"
},
"paths": {
"/item": {
"delete": {
"operationId": "deleteItem",
"summary": "Delete item",
"responses": {
"204": {
"description": "Item deleted successfully"
},
"default": {
"description": "Error"
}
}
},
"patch": {
"operationId": "updateItem",
"summary": "Update item",
"responses": {
"default": {
"description": "Error"
}
}
}
}
}
}
Negative test num. 4 - yaml file
Negative test num. 5 - json file
{
"swagger": "2.0",
"info": {
"title": "Simple API",
"version": "1.0.0"
},
"paths": {
"/item": {
"delete": {
"operationId": "deleteItem",
"summary": "Delete item",
"responses": {
"2XX": {
"description": "Item deleted successfully"
},
"default": {
"description": "Error"
}
}
},
"patch": {
"operationId": "updateItem",
"summary": "Update item",
"responses": {
"default": {
"description": "Error"
}
}
}
}
}
}