Proposal: improve 404 page or redirect -dev versions after release

[alanisaac]

I've been working with colleagues on mapping detection findings, which was a part of the 1.1.0 release. Before release, this version was listed under 1.1.0-dev, and so our discussions often involved linking to the OCSF server with a version reference like so:

https://schema.ocsf.io/1.1.0-dev/classes/detection_finding?extensions=

As this was the only way to see the new detection finding class. Now that 1.1.0 is released, the link above just goes to a basic 404 page.

I wonder if there's a better experience to provide here? Ideas:

• Simple: improve the basic 404 page so there are at least links back to OCSF schema proper.
• More complicated: on release of a -dev version, would it make sense if /1.1.0-dev redirected to /1.1.0?

[rmouritzen-splunk]

This 404 page is coming from Nginx, not the OCSF Server app. Different schema versions are literally handled by independent instances of the OCSF Server running on the same machine, fronted by Nginx.

Fixing is probably be possible with some additional Nginx configuration. Hopefully... because if that doesn't work, the only solution is a significant change to the OCSF Server allowing it to handle multiple schema versions itself.

[alanisaac]

I'm not familiar with that part of the app yet -- is the nginx configuration part of this repository or is it somewhere else? I tried searching for it but no luck.

[rmouritzen-splunk]

It's not part of the repo. It's a bit of a hack, IMHO, but it does work, and changing the OCSF Server to handle multiple versions directly would be a significant amount of work -- pretty close to a re-write. It is something I'd like to do at some point though.