Fix behavior of the match filter #14

@seansica

The TAXII 2.1 spec states that:

The match parameter can be specified any number of times, where each match instance specifies an additional filter to be applied to the resulting data and each MUST NOT occur more than once in a request. Said another way, all match fields are ANDed together.

and

Each field MAY contain one or more values. Multiple values are separated by a comma (U+002C COMMA, “,”) without any spaces. If multiple values are present, the match is treated as a logical OR.

In other words:

  • ?match[type]=campaign,malware,threat-actor : matches campaigns OR malware OR threat-actors
  • ?match[type]=campaign?match[type]=malware?match[type]=threat-actor : matches campaigns AND malware AND threat-actors

However, the current implementation only supports one match filter at a time.

  • Passing multiple match filters will trigger a 500 response.
  • Passing multiple comma-delimited values (e.g., ?match[type]=campaign,malware) will always return an empty response because the values are not parsed but instead treated as one type.
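
Added example, not part of the original issue and not the project's code: a Python parser for `match[...]` parameters that follows the quoted spec text, splitting each field's values on commas (OR) and combining distinct fields (AND). The function names, the constructed sample objects, comparing each field directly against the object property of the same name, and rejecting a repeated field as a client error instead of a 500 are assumptions of this example.

```python
from urllib.parse import parse_qsl


class BadMatchFilter(ValueError):
    """Malformed match parameter; a server would map this to HTTP 400 (assumption)."""


def parse_match_filters(query: str) -> dict[str, set[str]]:
    """Return {field: set of allowed values} from a raw query string."""
    filters: dict[str, set[str]] = {}
    for key, raw in parse_qsl(query.lstrip("?"), keep_blank_values=True):
        if not (key.startswith("match[") and key.endswith("]")):
            continue  # other parameters (limit, added_after, ...) are not match filters
        field = key[len("match["):-1]
        if not field:
            raise BadMatchFilter("empty match field name")
        if field in filters:
            # Quoted spec text: each match field MUST NOT occur more than once.
            raise BadMatchFilter(f"match[{field}] given more than once")
        values = raw.split(",")  # comma-separated values, no spaces allowed
        if any(v == "" or v != v.strip() for v in values):
            raise BadMatchFilter(f"match[{field}] has an empty or padded value")
        filters[field] = set(values)
    return filters


def matches(obj: dict, filters: dict[str, set[str]]) -> bool:
    """AND across fields, OR across the values given for one field."""
    return all(
        field in obj and str(obj[field]) in allowed
        for field, allowed in filters.items()
    )


def filter_objects(objects: list[dict], query: str) -> list[dict]:
    filters = parse_match_filters(query)
    return [o for o in objects if matches(o, filters)]


# Constructed sample objects (shortened ids, for illustration only).
SAMPLE = [
    {"type": "campaign", "id": "campaign--0001", "spec_version": "2.1"},
    {"type": "malware", "id": "malware--0002", "spec_version": "2.1"},
    {"type": "threat-actor", "id": "threat-actor--0003", "spec_version": "2.0"},
    {"type": "indicator", "id": "indicator--0004", "spec_version": "2.1"},
]
```
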
