2015May core #599 - Ignoring search criteria can't be "no risk"

XMLWordPrintableJSON

    • Type: Comment
    • Resolution: Considered - Question answered
    • Priority: Medium
    • FHIR Core (FHIR)
    • DSTU1 [deprecated]
    • FHIR Infrastructure
    • Change Management & Versioning (versions/compatibility)
    • 1.9.3
    • Hide

      The point of the statement is that there is no unresolved risk on that part of the server because the client can always check what was processed

      Show
      The point of the statement is that there is no unresolved risk on that part of the server because the client can always check what was processed
    • Grahame Grieve / Ewout Kramer : 7-0-1

      Existing Wording: Unrecognized search criteria SHALL always be ignored. (Search criteria supported in a query are echoed as part of the search response so there is no risk in ignoring unexpected search criteria.)

      Comment:

      I suggest striking or softening the statement about "no risk." This statement may not always be true, since it depends on what the impact of the unrecognized criteria would be. It might be obvious but it might be subtle. For example, if there is a query on the Patient Resource that intended to include patient ID and several other search criteria, but patient ID was erroneously submitted, might that search return unintended patients who matched the other search parameters?

            Assignee:
            Unassigned
            Reporter:
            david_tao
            Watchers:
            2 Start watching this issue

              Created:
              Updated:
              Resolved: