SQA #4290
open
[SQA] API Documentation Review – “Compress PDF”
Added by Aman Bhuiyan about 1 month ago.
Updated about 1 month ago.
Description
Summary of Review¶
- Reviewed API endpoints, request/response structure, authentication, and error handling.
- Tested endpoints using Postman.
- Documentation provides basic flow but lacks detailed schema and validation rules.
- Error handling and file size limits are not fully documented.
Action Items¶
- Confirm max file size and supported PDF types
- Request detailed error code list
- Clarify compression options and timeout behavior
- Request updated API schema (OpenAPI/Swagger)
- Prepare diverse test PDF datasets
- Tracker changed from CompressPdf to SQA
- Category set to api
- Status changed from To Do to In Progress
- % Done changed from 10 to 20
Summary¶
Overall review of the Compress PDF API documentation and initial endpoint validation performed via Postman.
The review focused on:
- API endpoint structure and workflow
- Request/response format consistency
- Authentication mechanism
- Error handling standards
- Status code usage
- File upload handling and size constraints
- Compression configuration options
Summary¶
1. /api/output/v1.0.0/rename-title¶
- Issue: Returns 500 Internal Server Error for invalid/non-existent
fieldId
- Risk: Error response exposes internal route paths
- Expected: Proper validation with 4xx response (e.g., 400/404)
- Action: Logged as validation + security issue
- Ref: PATCH request "output/v1.0.0/rename-title" (2026-03-03_09-29.png)
2. /api/shared/{id}¶
- Issue: Returns correct 404 for non-existent
fieldId
- Risk: Error message exposes internal route details
- Example: “Cannot POST /api/shared/{id}”
- Expected: Generic error message without internal path exposure
- Action: Logged as security hardening issue
- Ref: POST request "New Request" (2026-03-03_09-36.png)
3. /api/output/v1.0.0/download-zip¶
- Issue: Returns 200 OK when
fieldIds array is empty
- Expected: 400 Bad Request for invalid input
- Impact: Improper input validation & misleading success response
- Action: Logged as functional validation defect
- Ref: POST request "download-zip" (2026-03-03_14-38.png)
Deliverable¶
Issue Sheet
- Status changed from In Progress to Complete
- % Done changed from 20 to 100
Also available in: Atom
PDF