If you pick a random GraphQL framework and run it with default settings in production, disaster is waiting to happen.

2. The GraphQL Schema

The schema defines the structure of your API, including all possible queries and mutations that can be executed against it. It’s also used by the client-side library to generate code for interacting with your API. So far so good! But what happens if we have an error in our schema? What happens if someone finds a vulnerability in our schema? Can they exploit this vulnerability on their own or do they need some help from us? Let’s find out!

GraphQL schemas are written using TypeScript, which compiles down into JavaScript .ts files.
