
You cannot trust the query issuer (Browser or App on the client). If you have a public GraphQL API, you need to enforce these rules. If you can just alter the query to bypass the business rule, this is called a security hole.

