You can not select more than 25 topics
Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
42 lines
1.2 KiB
42 lines
1.2 KiB
4 months ago
|
'use strict';
|
||
|
|
||
|
Object.defineProperty(exports, '__esModule', {
|
||
|
value: true,
|
||
|
});
|
||
|
exports.NoSchemaIntrospectionCustomRule = NoSchemaIntrospectionCustomRule;
|
||
|
|
||
|
var _GraphQLError = require('../../../error/GraphQLError.js');
|
||
|
|
||
|
var _definition = require('../../../type/definition.js');
|
||
|
|
||
|
var _introspection = require('../../../type/introspection.js');
|
||
|
|
||
|
/**
|
||
|
* Prohibit introspection queries
|
||
|
*
|
||
|
* A GraphQL document is only valid if all fields selected are not fields that
|
||
|
* return an introspection type.
|
||
|
*
|
||
|
* Note: This rule is optional and is not part of the Validation section of the
|
||
|
* GraphQL Specification. This rule effectively disables introspection, which
|
||
|
* does not reflect best practices and should only be done if absolutely necessary.
|
||
|
*/
|
||
|
function NoSchemaIntrospectionCustomRule(context) {
|
||
|
return {
|
||
|
Field(node) {
|
||
|
const type = (0, _definition.getNamedType)(context.getType());
|
||
|
|
||
|
if (type && (0, _introspection.isIntrospectionType)(type)) {
|
||
|
context.reportError(
|
||
|
new _GraphQLError.GraphQLError(
|
||
|
`GraphQL introspection has been disabled, but the requested query contained the field "${node.name.value}".`,
|
||
|
{
|
||
|
nodes: node,
|
||
|
},
|
||
|
),
|
||
|
);
|
||
|
}
|
||
|
},
|
||
|
};
|
||
|
}
|