GET /datastreams/{id}/observations returns observations belonging to other datastreams, identified by mismatched datastream@id values in the response. The contamination affects sibling datastreams under the same system and, in at least one case, crosses system boundaries entirely.
Evidence
System 0420 (AZ-MA-1) has 8 datastreams including:
04c0 — AZ-MA-1 LOB (bearing observations, high volume)04dg — AZ-MA-1 Detection Capabilities (1 static range config observation)
Querying the detection capabilities datastream:
GET /datastreams/04dg/observations?limit=10
Returns 10 LOB observations — all with datastream@id: "04c0", not "04dg":
id=040t1jkupk32bemg80 datastream@id=04c0 keys=bearingTrue,bearingStdDev,...
id=040tbjkupk32bemg80 datastream@id=04c0 keys=bearingTrue,bearingStdDev,...
(all 10 are LOB data from DS 04c0)
The actual detection range observation exists (verified via GET /observations/040uvjsupk30000000 → datastream@id: "04dg", minRange_m: 667) but only appears as 1 out of 50 results in a bulk query.
Scope
| Queried DS |
Parent System |
Foreign DS (datastream@id) |
Foreign Parent |
Same System? |
04dg (MA-1 Det Caps) |
0420 |
04c0 (MA-1 LOB) |
0420 |
Yes |
04e0 (MA-2 Det Caps) |
0490 |
04cg (MA-2 LOB) |
0490 |
Yes |
04eg (MA-3 Det Caps) |
049g |
04f0 (Localizer) |
04n0 |
No |
MA-3 contamination crosses system boundaries — DS 04eg (system 049g) returns observations from DS 04f0 (system 04n0).
Contamination is unidirectional: LOB datastreams queried directly return only their own observations.
Impact
resultTime=latest on a low-volume DS returns a foreign observation with a later timestamp, making the real data effectively unreachable- Detection range rings disappeared 3 times during development because the query consistently returned LOB data instead of range config
- No error indication — HTTP 200 with valid-looking data; only
datastream@id inspection reveals the mismatch
Detailed probe report
OSH_Datastream_Observation_Scope_Leak.md"
GET /datastreams/{id}/observationsreturns observations belonging to other datastreams, identified by mismatcheddatastream@idvalues in the response. The contamination affects sibling datastreams under the same system and, in at least one case, crosses system boundaries entirely.Evidence
System
0420(AZ-MA-1) has 8 datastreams including:04c0— AZ-MA-1 LOB (bearing observations, high volume)04dg— AZ-MA-1 Detection Capabilities (1 static range config observation)Querying the detection capabilities datastream:
Returns 10 LOB observations — all with
datastream@id: "04c0", not"04dg":The actual detection range observation exists (verified via
GET /observations/040uvjsupk30000000→datastream@id: "04dg",minRange_m: 667) but only appears as 1 out of 50 results in a bulk query.Scope
datastream@id)04dg(MA-1 Det Caps)042004c0(MA-1 LOB)042004e0(MA-2 Det Caps)049004cg(MA-2 LOB)049004eg(MA-3 Det Caps)049g04f0(Localizer)04n0MA-3 contamination crosses system boundaries — DS
04eg(system049g) returns observations from DS04f0(system04n0).Contamination is unidirectional: LOB datastreams queried directly return only their own observations.
Impact
resultTime=lateston a low-volume DS returns a foreign observation with a later timestamp, making the real data effectively unreachabledatastream@idinspection reveals the mismatchDetailed probe report
OSH_Datastream_Observation_Scope_Leak.md"