Library Countermeasures

Get all Library Countermeasures

This endpoint retrieves a list of Library Countermeasure resources.

GET /api/v2/library/tasks/

Query parameters

The following parameters may be used to filter the Library Countermeasure resources in the response.

Parameter       Description
priority        Given a priority 0-10, returns all Countermeasures with specified priority
phase           Given a phase id, returns all Countermeasures in specified phase
absolute_urls   Whether to use absolute or relative urls (default is False)
to_html         Whether to convert markdown to html (default is False)
show_inactive   Whether to show inactive Countermeasures (default is False)

GET /api/v2/library/tasks/ HTTP/1.1
Accept: application/json
Authorization: Token "YOUR SDE ACCESS TOKEN"

HTTP/1.1 200 OK
Content-Type: application/json

{
    "results": [{
        "priority": 8,
        "db_id": 1,
        "url": "http://example.com/library/tasks/T179/",
        "problem": "P1",
        "title": "Allow access for users to remove their data from the system",
        "text": "Some example description",
        "phase": "X1",
        "id": "T179"
    }]
}

Expand parameters

See the Expand Parameters section for more details.

Parameter   Description
problem     Expands the Weakness fields in the Countermeasure response object
phase       Expands the phase field

GET /api/v2/library/tasks/?expand=problem HTTP/1.1
Accept: application/json
Authorization: Token "YOUR SDE ACCESS TOKEN"

HTTP/1.1 200 OK
Content-Type: application/json

{
    "results": [{
        "priority": 8,
        "db_id": 1,
        "tags": [],
        "url": "http://example.com/library/tasks/T179/",
        "problem": {
            "risk_rating": 5,
            "text": "This is some example content.",
            "cwe": [{
                "url": "http://cwe.mitre.org/data/definitions/359",
                "title": "Exposure of Private Information ('Privacy Violation')",
                "cwe_id": 359
            }],
            "id": "P257",
            "db_id": 257,
            "title": "P257: Privacy Violation"
        },
        "title": "Allow access for users to remove their data from the system",
        "text": "Some example description",
        "phase": "X1",
        "id": "T179"
    }]
}

Include Parameters

See the Include Parameters section for more details.

Parameter               Description
amendments              Includes a list of amendments on each Countermeasure
categories              Includes a list of categories that apply to each Countermeasure
how_tos                 Includes a list of How-Tos for each Countermeasure. These are language specific examples of how to implement the Countermeasure
tags                    Includes a list of tags attached to each Countermeasure
verification_coverage   Includes a list of verification coverages of each Countermeasure
active                  Returns a Boolean indicating whether the Countermeasure is active

GET /api/v2/library/tasks/?include=verification_coverage,categories,tags,how_tos,amendments HTTP/1.1
Accept: application/json
Authorization: Token "YOUR SDE ACCESS TOKEN"

HTTP/1.1 200 OK
Content-Type: application/json

{
    "results": [{
        "priority": 8,
        "db_id": 1,
        "tags": [1, 2, 3],
        "url": "http://example.com/library/tasks/T179/",
        "problem": "P1",
        "title": "Allow access for users to remove their data from the system",
        "text": "Some example description",
        "phase": "X1",
        "id": "T179",
        "categories": [
            "Authorization"
        ],
        "amendments": [{
            "id": "TA123",
            "title": "TA123",
            "text": "Some additional information about this Countermeasure..."
        }],
        "verification_coverage": [
            "No Automated Static Analysis Coverage"
        ],
        "how_tos": [{
            "id": "I131",
            "title": "I131: Manually with browser",
            "slug": "test-account-lockout-manually-browser",
            "url": "http://a7069ccda519b00c4/....",
            "text": "1. Open your web browser ..."
        }]
    }]
}
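
The following is an added example, not part of the original documentation: it builds a request for this endpoint from the filter, expand and include parameters listed above, then maps each Countermeasure in an expand=problem response to the CWE ids of its Weakness. The function names, the host sde.example.com, the refusal to send the token to a non-HTTPS URL and the unquoted token in the Authorization header are assumptions of this example.

```python
import json
from urllib.parse import urlencode, urlsplit
from urllib.request import Request

# Allowed values, taken from the parameter tables on this page.
EXPAND = {"problem", "phase"}
INCLUDE = {"amendments", "categories", "how_tos", "tags",
           "verification_coverage", "active"}

def build_request(base_url, token, priority=None, phase=None, expand=(), include=()):
    """Build (without sending) a GET request for /api/v2/library/tasks/."""
    if urlsplit(base_url).scheme != "https":
        raise ValueError("refusing to put the access token on a non-HTTPS URL")
    if priority is not None and not 0 <= priority <= 10:
        raise ValueError("priority must be in the range 0-10")
    unknown = (set(expand) - EXPAND) | (set(include) - INCLUDE)
    if unknown:
        raise ValueError(f"unsupported expand/include value: {sorted(unknown)}")
    params = {}
    if priority is not None:
        params["priority"] = priority
    if phase is not None:
        params["phase"] = phase
    if expand:
        params["expand"] = ",".join(expand)
    if include:
        params["include"] = ",".join(include)
    url = base_url.rstrip("/") + "/api/v2/library/tasks/"
    if params:
        url += "?" + urlencode(params, safe=",")
    # Assumption: the quotes in the page's sample header are placeholder notation.
    return Request(url, headers={"Accept": "application/json",
                                 "Authorization": f"Token {token}"})

def cwe_by_countermeasure(body):
    """Map each Countermeasure id to the CWE ids of its Weakness."""
    mapping = {}
    for task in json.loads(body)["results"]:
        problem = task.get("problem")
        # Without expand=problem the field is only an id string such as "P1".
        cwes = problem.get("cwe", []) if isinstance(problem, dict) else []
        mapping[task["id"]] = [c["cwe_id"] for c in cwes]
    return mapping

# Constructed sample, trimmed from the expand=problem response shown on this page,
# plus one constructed entry whose problem field is not expanded.
SAMPLE = ('{"results": [{"id": "T179", "problem": {"id": "P257", "cwe": '
          '[{"cwe_id": 359}]}}, {"id": "T3", "problem": "P1"}]}')
```

Pass the returned Request to urllib.request.urlopen to send it; the token should come from a secret store or environment variable rather than source code.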

Get a specific Library Countermeasure

This endpoint retrieves a single Library Countermeasure resource, as specified by the task_id URL parameter.

GET /api/v2/library/tasks/{task_id}/

URL Parameters

Parameter   Description
task_id     The id of the Countermeasure to retrieve

All of the expand and include parameters for the 'Get all Library Countermeasures' endpoint apply here as well.

GET /api/v2/library/tasks/T3/ HTTP/1.1
Accept: application/json
Authorization: Token "YOUR SDE ACCESS TOKEN"

HTTP/1.1 200 OK
Content-Type: application/json

{
    "results": [{
        "priority": 8,
        "db_id": 1,
        "tags": [],
        "url": "http://example.com/library/tasks/T3/",
        "problem": "P1",
        "title": "Example Library Countermeasure",
        "text": "Some example description",
        "phase": "X1",
        "id": "T3"
    }]
}
