How we secure our GraphQL API at Spectrum

February 21, 2018 at 7:12pm

I wrote a piece for the Apollo blog about the approaches we use to secure our GraphQL API from malicious queries here at Spectrum!

February 21, 2018 at 7:56pm
Thanks again Max! It was such a great post!
Hi Max, thank you for writing this down!
It's so nice to have a blog post highlighting all the possibilities!
Where do you register the custom input fields from `graphql-input-number` when using `.graphql` schema definitions?
Funny, exactly what I've been doing the last few weeks :D

February 22, 2018 at 7:50am
we use graphql-tools by the Apollo folks (h/t ) to add it as a custom scalar which we then use throughout the schema!

March 28, 2019 at 5:16am
Thanks Max for such a wonderful post.
Sir, I am trying to implement the concept of size limiting.
```js
app.use('*', (req, res, next) => {
  const query = req.query.query || req.body.query || '';
  if (query.length > 2000) {
    throw new Error('Query too large');
  }
  next();
});
```
But I am getting an error of an undefined value for req.query.query and req.body.query.
Sample query passed: `query{ hello }`
Please guide.
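
An added example, not part of the thread or of Spectrum's code: an Express-style size-limit middleware that tolerates a missing `req.body` (it is undefined unless a JSON body parser ran earlier) and also covers batched and non-string queries. The names `extractQueries`, `limitQuerySize` and `checkRequest` and the 400/413 status codes are assumptions chosen for illustration.

```javascript
// Added example: size-limit middleware for GraphQL requests (Express-style signature).
// MAX_QUERY_LENGTH mirrors the 2000-character limit used in the snippet above.
const MAX_QUERY_LENGTH = 2000;

// Collect every query a request can carry: GET ?query=..., a POST body
// { query }, or a batched POST body [{ query }, ...].
function extractQueries(req) {
  const queries = [];
  // req.body is undefined unless a JSON body parser ran before this
  // middleware, so neither container is dereferenced blindly.
  if (req.query && req.query.query !== undefined) queries.push(req.query.query);
  const operations = Array.isArray(req.body) ? req.body : [req.body];
  for (const op of operations) {
    if (op && typeof op === 'object' && op.query !== undefined) queries.push(op.query);
  }
  return queries;
}

function limitQuerySize(maxLength = MAX_QUERY_LENGTH) {
  return function querySizeLimiter(req, res, next) {
    for (const query of extractQueries(req)) {
      // A repeated ?query=a&query=b parameter parses to an array; reject
      // anything that is not a plain string instead of measuring it.
      if (typeof query !== 'string') {
        return res.status(400).json({ errors: [{ message: 'Query must be a string' }] });
      }
      if (query.length > maxLength) {
        return res.status(413).json({ errors: [{ message: 'Query too large' }] });
      }
    }
    next();
  };
}

// Drive the middleware with a mock response object (constructed for this example).
function checkRequest(req, maxLength) {
  const result = { status: 200, passed: false };
  const res = {
    status(code) { result.status = code; return this; },
    json() { return this; },
  };
  limitQuerySize(maxLength)(req, res, () => { result.passed = true; });
  return result;
}
```

In an Express app, register it after `express.json()` with `app.use(limitQuerySize())` so that POST bodies are already parsed when the check runs.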

June 12, 2019 at 7:37am
I am using graphql-java to implement a GraphQL server. Wondering if there is any existing Java library to resolve similar problems?