Discrepancies between Viper documentation and Swagger UI API docs

[FlawlessLawless]

There appear to be some discrepancies between the API docs that the Viper API generates in the Swagger UI versus what the Viper documentation specifies. Some examples:

• For adding tags with a file, the Swagger UI specifies a space separated string must be used for the tag list while the Viper documentation specifies a comma separated string (only a comma separated string seems to work)

• The curl command that the Swagger UI generates has an extra 'file=' inserted

• The Swagger UI curl command does not resolve URL encoded characters consistently (so a forward slash is represented by both %2F and /)

• There is inconsistency between what header arguments are provided in the Swagger UI curl command and the Viper documentation. For someone who is using these curls to create a requests version, the difference in header specification can be the difference between a successful and failed request

Example: Uploading testfile.txt as myfile.txt with tags "one", "two", "three"

curl from Swagger UI:
curl -X POST --header 'Content-Type: multipart/form-data' --header 'Accept: application/json' --header 'X-CSRFToken: <token value>' -F tag_list=one two three -F file=file=%2Fhome%2Fuser%2Ftestfile.txt -F file_name=myfile.txt http://<localhost>/api/v3/project/default/malware/upload/

Issues:

• command fails due to typos in file= argument and forward slash decoding
• if file did upload, only the "one" tag will be added to the file tags. The rest are ignored
• if file did upload, the filename would remain as testfile.txt since the wrong filename keyword is used

curl made using Viper docs (with correct output):
curl -X POST -H 'Authorization: Token <token value>' -S -F "file=@/home/user/testfile.txt;type=text/plain;filename=myfile.txt" -F tag_list=one,two,three http://<localhost>/api/v3/project/default/malware/upload/

If it is not possible to correct what shows up in the Swagger UI docs, it would be nice if it could be clearly stated what Swagger UI elements are wrong and include all the correct use cases in the written documentation.

I would also suggest that some examples/documentation be created for implementing the API using the python requests library.