GraphQL APIs need authorization rules that prevent traversal attacks and granular rules to determine if a Viewer has access to a field.
TL;DR: GraphQL APIs need authorization rules that prevent traversal attacks and granular rules to determine if a Viewer has access to a field.
This is a three part series on security concerns in scaling a GraphQL API. The planned posts:
GraphQL APIs need authorization rules that prevent traversal attacks and granular rules to determine if a Viewer has access to a field.
Hi there, thanks for visiting. I love reading technical blogs and owe it to them for most of my working knowledge. And of course, Stackoverflow :)I've always wanted to contribute back to the
Our company's recruitment platform evolved from a Rails application into a classic SPA app. The Rails app serves as a RESTful API backend while the frontend app is built on React/Flux (with
Automated Interview Scheduling At AlphaSights, we built an internal applicant tracking system and one of its coolest features is the ability to allow a candidate to pick an interview timeslot based on the
In 2010, I was in Rome with Jacky, following a night tour. There was a brief mention of a martyr Giordano Bruno when we passed by a certain square. Today I watched the
I've been living in New York for almost 2 months, but last week was the first time I spent a day out on Saturday, just walking around downtown. Eventually my feet brought me