blob: 6861bd41e494150a1e9c69d232fbc2ea620b6ca0 (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
|
"use strict";
Object.defineProperty(exports, "__esModule", {
value: true
});
exports.NoSchemaIntrospectionCustomRule = NoSchemaIntrospectionCustomRule;
var _GraphQLError = require("../../../error/GraphQLError.js");
var _definition = require("../../../type/definition.js");
var _introspection = require("../../../type/introspection.js");
/**
* Prohibit introspection queries
*
* A GraphQL document is only valid if all fields selected are not fields that
* return an introspection type.
*
* Note: This rule is optional and is not part of the Validation section of the
* GraphQL Specification. This rule effectively disables introspection, which
* does not reflect best practices and should only be done if absolutely necessary.
*/
function NoSchemaIntrospectionCustomRule(context) {
return {
Field: function Field(node) {
var type = (0, _definition.getNamedType)(context.getType());
if (type && (0, _introspection.isIntrospectionType)(type)) {
context.reportError(new _GraphQLError.GraphQLError("GraphQL introspection has been disabled, but the requested query contained the field \"".concat(node.name.value, "\"."), node));
}
}
};
}
|
