GraphQL

GraphQL is awesome for building composable APIs to drive ambitious web and mobile applications. I ❤ it and these are my musings on the subject.

GraphQL Security Part I: Preventing 'traversal attacks' in your GraphQL API

GraphQL Security Part I: Preventing 'traversal attacks' in your GraphQL API

GraphQL APIs need authorization rules that prevent traversal attacks and granular rules to determine if a Viewer has access to a field.

Full Story

Recent Posts

How to demotivate your engineer from Day 0

The first day experience is more important than you think.

[WIP] How GraphQL Ruby parses queries

Recently I started making small contributions to graphql-ruby. This PR to fix a parsing bug

GraphQL Security Part I: Preventing 'traversal attacks' in your GraphQL API

GraphQL APIs need authorization rules that prevent traversal attacks and granular rules to determine if a Viewer has access to a field.