menu

GraphQL

GraphQL is a query language for APIs, with thousands of tools and libraries built by the community.

Channels
Team

How we secure our GraphQL API at Spectrum

February 21, 2018 at 7:12pm

How we secure our GraphQL API at Spectrum

February 21, 2018 at 7:12pm
I wrote a piece for the Apollo blog about the approaches we use to secure our GraphQL API from malicious queries here at Spectrum!

February 21, 2018 at 7:56pm
Thanks again Max! It was such a great post!
  • reply
  • like
Hi Max, thank you for writing this down!
Its so nice to have a blog posts highlighting all the possibilities!
Where do you register the custom input fields from `graphql-input-number` when using `.graphql` schema definitions?
  • reply
  • like
Funny, exactly what I've been doing the last few weeks :D
  • reply
  • like

February 22, 2018 at 7:50am
we use graphql-tools by the Apollo folks (h/t ) to add it as a custom scalar which we then use throughout the schema!
like-fill
1
  • reply
  • like

March 28, 2019 at 5:16am
Thanks again Max! It was such a great post!
Thanks Max for such a wonderful post.
  • reply
  • like
Sir I am trying to implement the concept of Size limiting .
  • reply
  • like
app.use('*', (req, res, next) => { const query = req.query.query || req.body.query || ''; if (query.length > 2000) { throw new Error('Query too large'); } next(); });
  • reply
  • like
But getting error as undefined value for req.query.query and req.body.query.
  • reply
  • like
Sample query passed:query{ hello }
  • reply
  • like
Please guide
  • reply
  • like

June 12, 2019 at 7:37am
I am using graphql-java to implement graphql server. Wondering if any existing java library to resolve similar problems?
  • reply
  • like