| 1234567891011121314151617181920212223242526272829303132333435363738394041 |
- 'use strict';
- Object.defineProperty(exports, '__esModule', {
- value: true,
- });
- exports.NoSchemaIntrospectionCustomRule = NoSchemaIntrospectionCustomRule;
- var _GraphQLError = require('../../../error/GraphQLError.js');
- var _definition = require('../../../type/definition.js');
- var _introspection = require('../../../type/introspection.js');
- /**
- * Prohibit introspection queries
- *
- * A GraphQL document is only valid if all fields selected are not fields that
- * return an introspection type.
- *
- * Note: This rule is optional and is not part of the Validation section of the
- * GraphQL Specification. This rule effectively disables introspection, which
- * does not reflect best practices and should only be done if absolutely necessary.
- */
- function NoSchemaIntrospectionCustomRule(context) {
- return {
- Field(node) {
- const type = (0, _definition.getNamedType)(context.getType());
- if (type && (0, _introspection.isIntrospectionType)(type)) {
- context.reportError(
- new _GraphQLError.GraphQLError(
- `GraphQL introspection has been disabled, but the requested query contained the field "${node.name.value}".`,
- {
- nodes: node,
- },
- ),
- );
- }
- },
- };
- }
|
