Skip to content

Chore/improve graphql security #9

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
zollinger wants to merge 4 commits into
base: master
Choose a base branch
from
Open

Chore/improve graphql security #9

zollinger wants to merge 4 commits into from

Conversation

@zollinger
Copy link
Contributor

@zollinger zollinger commented Sep 18, 2020

Improves API security with the following measures:

  • Use whitelist approach as opposed to blacklisting to prevent unintentional exposure of data
  • Disables introspection on production builds (Apollo default)

@zollinger zollinger requested a review from macrozone September 18, 2020 13:19
jaymaycry
jaymaycry requested changes Sep 18, 2020
View reviewed changes
@zollinger zollinger force-pushed the chore/improve-graphql-security branch from ffcfd9d to 3b62601 Compare September 18, 2020 14:39
@zollinger
Copy link
Contributor Author

zollinger commented Nov 20, 2020

I think this solution should be accepted as best practice until we have something better. Will merge if there are no further suggestions for improvements.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@jaymaycry jaymaycry jaymaycry requested changes

@macrozone macrozone Awaiting requested review from macrozone

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

3 participants

@zollinger @jaymaycry