CS 1.0: SD-2779: Update Next-Page-Cursor description

[HenrikHL]

SD-2779: Update Next-Page-Cursor description to allow queryParameters to be preserved when requesting page 2 and onward
This is needed as it conflicts with mandatory queryParameters...

[qodo-code-review]

PR Compliance Guide 🔍

Below is a summary of compliance checks for this PR:

Security Compliance
🟢	No security concerns identified No security vulnerabilities detected by AI analysis. Human verification advised for critical code.
Ticket Compliance
⚪	🎫 No ticket provided Create ticket/issue
Codebase Duplication Compliance
⚪	Codebase context is not defined Follow the guide to enable codebase context checks.
Custom Compliance
🟢	Generic: Comprehensive Audit Trails Objective: To create a detailed and reliable record of critical system actions for security analysis and compliance. Status: Passed Learn more about managing compliance generic rules or creating your own custom rules
	Generic: Meaningful Naming and Self-Documenting Code Objective: Ensure all identifiers clearly express their purpose and intent, making code self-documenting Status: Passed Learn more about managing compliance generic rules or creating your own custom rules
	Generic: Secure Logging Practices Objective: To ensure logs are useful for debugging and auditing without exposing sensitive information like PII, PHI, or cardholder data. Status: Passed Learn more about managing compliance generic rules or creating your own custom rules
⚪	Generic: Robust Error Handling and Edge Case Management Objective: Ensure comprehensive error handling that provides meaningful context and graceful degradation Status: Error behavior unclear: The updated Next-Page-Cursor description removes prior guidance about rejecting/handling unexpected query parameters with a 400, so API error/edge-case behavior for non-preserved parameters should be confirmed elsewhere in the spec/implementation. Referred Code To retrieve the next page, the API consumer sends a `GET` request to the endpoint URL with only `?cursor=fE9mZnNldHw9MTAmbGltaXQ9MTA` as query parameter. The limit of items per page and any other query parameters may not be altered and MUST be preserved when requesting subsequent pages. '400': Learn more about managing compliance generic rules or creating your own custom rules
	Generic: Secure Error Handling Objective: To prevent the leakage of sensitive system information through error messages while providing sufficient detail for internal debugging. Status: Error response guidance: By removing the explicit 400 guidance for extra query parameters with cursor, the spec no longer states what user-facing error message/body is returned in this misuse case, which should be verified to remain generic and non-revealing. Referred Code To retrieve the next page, the API consumer sends a `GET` request to the endpoint URL with only `?cursor=fE9mZnNldHw9MTAmbGltaXQ9MTA` as query parameter. The limit of items per page and any other query parameters may not be altered and MUST be preserved when requesting subsequent pages. '400': Learn more about managing compliance generic rules or creating your own custom rules
	Generic: Security-First Input Validation and Data Handling Objective: Ensure all data inputs are validated, sanitized, and handled securely to prevent vulnerabilities Status: Input validation unspecified: The documentation change mandates preserving query parameters across cursor-based pagination but does not specify validation/handling when parameters are missing/changed, so confirm the API validates and safely handles these external inputs. Referred Code To retrieve the next page, the API consumer sends a `GET` request to the endpoint URL with only `?cursor=fE9mZnNldHw9MTAmbGltaXQ9MTA` as query parameter. The limit of items per page and any other query parameters may not be altered and MUST be preserved when requesting subsequent pages. '400': Learn more about managing compliance generic rules or creating your own custom rules

Compliance status legend

🟢 - Fully Compliant
🟡 - Partial Compliant
🔴 - Not Compliant
⚪ - Requires Further Human Verification
🏷️ - Compliance label

[qodo-code-review]

PR Code Suggestions ✨

Explore these optional code suggestions:

Category	Suggestion	Impact
Possible issue	Resolve contradictory API pagination instructions Resolve a contradiction in the API documentation by removing the word "only" when describing paginated requests, clarifying that original query parameters must be preserved alongside the cursor. cs/v1/CS_v1.0.2.yaml [71] -To retrieve the next page, the API consumer sends a `GET` request to the endpoint URL with only `?cursor=fE9mZnNldHw9MTAmbGltaXQ9MTA` as query parameter. The limit of items per page and any other query parameters may not be altered and MUST be preserved when requesting subsequent pages. +To retrieve the next page, the API consumer sends a `GET` request to the endpoint URL including the `cursor` as a query parameter. The limit of items per page and any other query parameters from the initial request MUST be preserved when requesting subsequent pages. Apply / Chat Suggestion importance[1-10]: 7 __ Why: The suggestion correctly identifies a contradiction in the API documentation introduced by the PR, where a request is described as containing "only" a cursor, while also requiring other parameters to be preserved. Resolving this improves the clarity and correctness of the specification.	Medium
More