GraphQL APIs need authorization rules that prevent traversal attacks and granular rules to determine if a Viewer has access to a field.
TL;DR: GraphQL APIs need authorization rules that prevent traversal attacks and granular rules to determine if a Viewer has access to a field.
This is a three part series on security concerns in scaling a GraphQL API. The planned posts:
The first day experience is more important than you think.
![[WIP] How GraphQL Ruby parses queries](/content/images/2019/06/tian-kuan-9AxFJaNySB8-unsplash.jpg)
Recently I started making small contributions to graphql-ruby. This PR to fix a parsing bug got me acquainted with the lexing and parsing of GraphQL queries in Ruby. On GraphQL Ruby's site, there
GraphQL APIs need authorization rules that prevent traversal attacks and granular rules to determine if a Viewer has access to a field.
Hi there, thanks for visiting. I love reading technical blogs and owe it to them for most of my working knowledge. And of course, Stackoverflow :) I've always wanted to contribute back to the
Our company's recruitment platform evolved from a Rails application into a classic SPA app. The Rails app serves as a RESTful API backend while the frontend app is built on React/Flux (with
Automated Interview Scheduling At AlphaSights, we built an internal applicant tracking system and one of its coolest features is the ability to allow a candidate to pick an interview timeslot based on the