You can not select more than 25 topics
Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
41 lines
1.2 KiB
41 lines
1.2 KiB
'use strict'; |
|
|
|
Object.defineProperty(exports, '__esModule', { |
|
value: true, |
|
}); |
|
exports.NoSchemaIntrospectionCustomRule = NoSchemaIntrospectionCustomRule; |
|
|
|
var _GraphQLError = require('../../../error/GraphQLError.js'); |
|
|
|
var _definition = require('../../../type/definition.js'); |
|
|
|
var _introspection = require('../../../type/introspection.js'); |
|
|
|
/** |
|
* Prohibit introspection queries |
|
* |
|
* A GraphQL document is only valid if all fields selected are not fields that |
|
* return an introspection type. |
|
* |
|
* Note: This rule is optional and is not part of the Validation section of the |
|
* GraphQL Specification. This rule effectively disables introspection, which |
|
* does not reflect best practices and should only be done if absolutely necessary. |
|
*/ |
|
function NoSchemaIntrospectionCustomRule(context) { |
|
return { |
|
Field(node) { |
|
const type = (0, _definition.getNamedType)(context.getType()); |
|
|
|
if (type && (0, _introspection.isIntrospectionType)(type)) { |
|
context.reportError( |
|
new _GraphQLError.GraphQLError( |
|
`GraphQL introspection has been disabled, but the requested query contained the field "${node.name.value}".`, |
|
{ |
|
nodes: node, |
|
}, |
|
), |
|
); |
|
} |
|
}, |
|
}; |
|
}
|
|
|