
Anybody that doesn't want to introduce crashing/fatal bugs that disrupt productivity? Skipping checks[1] and making assumptions about input[2] is an irresponsible disregard for basic security.

This is about basic programmer competence, not a time-consuming feature that might impact your development costs relative to your competitor. You are not going to make more profit by leaving out the "default:" case to your switch/case statements that skips parsing for unrecognized elements.

[1] https://archive.org/details/The_Science_of_Insecurity_

[2] https://media.ccc.de/v/31c3_-_5930_-_en_-_saal_6_-_201412291...



You can trust in basic programmer competence when there is a certification the programmer has to lose if he displays incompetence, like done for other engineers and also doctors and lawyers and many more.

Until then, you have to make the financial incentives in the short and long term such that they lead to desirable behavior, e.g., producing non-barfing middleware in this case.


The problem isn't leaving out the 'default' case. The problem is coding it as

  default:
      return DROP_CONNECTION_AND_BAIL;


Yes, which is why I really like the idea of proactive enforcement with random expected-to-be-ignored tags/parameters. I'm arguing against the idea that leaving out the last part of this

    for (item = params->head; item; item = item->next) {
        switch (item->type) {
        case KNOWN_PARAM_TYPE_FOO:
            // do normal stuff
            break;

        /* ... etc ... */

        case IGNORE_KNOWN_PARAM_TYPE_BAR:
            // fallthrough - BAR explicitly uses default handling
        default:
            continue;  // skip unknown parameters
        }
    }

is evidence of incompetence, not a strategy that will "make more profit than your competitor".

Also, as the BAR constant suggests, you probably already have code that skips unrelated fields. While the difference in programmer time is almost always trivially small, sometimes it might be zero.
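An added example, not code from any commenter in this thread: a bounds-checked parameter parser that skips unknown types the way the loop above does, while still treating a bad length as a hard error, run against a message seeded with expected-to-be-ignored types. The wire format (`[type:1][len:1][value]`), the type codes and every name here are assumptions made for illustration.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* Assumed wire format for this example: [type:1][len:1][value:len] ... */
enum { PARAM_FOO = 0x01, PARAM_BAR = 0x02, PARSE_MALFORMED = -1 };

/* Returns the sum of all FOO value bytes, or PARSE_MALFORMED.
 * An unknown type is skipped; a length that overruns the buffer is not. */
int parse_params(const uint8_t *buf, size_t n)
{
    int foo_sum = 0;
    size_t off = 0;
    while (off < n) {
        if (n - off < 2)
            return PARSE_MALFORMED;      /* truncated record header */
        uint8_t type = buf[off];
        size_t len = buf[off + 1];
        off += 2;
        if (len > n - off)
            return PARSE_MALFORMED;      /* value would run past the end */
        switch (type) {
        case PARAM_FOO:
            for (size_t i = 0; i < len; i++)
                foo_sum += buf[off + i];
            break;
        case PARAM_BAR:                  /* known, deliberately ignored */
        default:                         /* unknown: skip, do not bail */
            break;
        }
        off += len;                      /* advance past every record */
    }
    return foo_sum;
}

/* Constructed samples: the same two FOO records, with and without
 * unknown types (0x7a, 0xfa) and an ignored BAR record mixed in. */
static const uint8_t greased_msg[] = {
    0x7a, 0x03, 0xde, 0xad, 0x00, PARAM_FOO, 0x02, 0x05, 0x06,
    PARAM_BAR, 0x01, 0xff, 0xfa, 0x00, PARAM_FOO, 0x01, 0x0a,
};
static const uint8_t plain_msg[] = { PARAM_FOO, 0x02, 0x05, 0x06, PARAM_FOO, 0x01, 0x0a };
static const uint8_t bad_len_msg[] = { 0x7a, 0x09, 0x00 };  /* claims 9 bytes, has 1 */

int main(void)
{
    printf("greased=%d plain=%d bad_len=%d\n",
           parse_params(greased_msg, sizeof greased_msg),
           parse_params(plain_msg, sizeof plain_msg),
           parse_params(bad_len_msg, sizeof bad_len_msg));
    return 0;
}
```

The greased and plain messages must produce the same result; a parser that bails in `default:` fails that comparison on the first unknown type.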


Unfortunately incompetence can sometimes lead to increased profits in the short term. Why else is there so much horrendous software out there?


"Basic programmer competence" is not something you can consistently expect from people in the industry. Be it a bad day, general carelessness, or business pressures - there are many reasons to cut corners.



