Secure mod-graphql against malicious queries
Description
Environment
None
Potential Workaround
None
relates to
Checklist
hideTestRail: Results
Activity
Show:
Details
Details
Assignee
Jason SkomorowskiReporter
Mike TaylorPriority
P3TestRail: Cases
Open TestRail: Cases
TestRail: Runs
Open TestRail: Runs
Created March 1, 2018 at 11:09 AM
Updated March 17, 2021 at 2:39 PM
TestRail: Cases
TestRail: Runs
This is something we should be aware of as we start to move towards production: the extreme expressiveness and power of GraphQL makes it very easy to construct queries that will consume resources and result in a DoS. See the fine overview of approaches at https://dev-blog.apollodata.com/securing-your-graphql-api-from-malicious-queries-16130a324a6b