New CS: GraphQL Security Cheat Sheet #427
updating to latest from original repo
Had an initial quick skim over this. It looks like a nice place to grow it out into a beautiful CS. No crucifying for now. Set in draft mode till we're a bit more convinced on the structure and the potential of what it could contain. Next stage a larger expansion of it. So first, have a robust skeleton with the details in there and with additional research. Second, making this into a full CS that is ready for production.
No crucifying for now.
Our good friend ThunderSon meant to say, no crucifying *ever* and we are
grateful for your volunteer efforts!!
=)
Aloha, Jim
I like it so far! I will add some comments after @ThunderSon updates the structure/format. Good job @bigshebang!
Thanks all! Excited to get this CS out there for the world to use.
@bigshebang please create a new PR with a new branch. Master branches aren't fun playing with when things go sideways :)
Moving this to a different PR with a new branch.
See new PR here: #434.
This PR covers issue #421
Don't crucify me, but I didn't check for any policy violations or use the New CS template. Just wanted to get my content here first as quickly as I could. I did check up with the conversion rules though and should be compliant with that.
This content is a copy (with small editing) of a quick cheat sheet I made for developers. I made this probably the same day that I started actually learning about breaking GraphQL and I'm still not very experienced testing it. I drew from online content like OWASP and Apollo GraphQL and from colleagues with more experience breaking GraphQL.
Some definite improvements that can be made: