lukaszraczylo/graphql-monitoring-proxy
1
0
Fork 0
mirror of https://github.com/lukaszraczylo/graphql-monitoring-proxy.git synced 2026-06-05 23:03:48 +00:00
Code Issues Packages Projects Releases Wiki Activity

If the field is allowed, continue checking remaining fields.

Browse Source
This commit is contained in:
Lukasz Raczylo
2024-12-06 11:58:34 +00:00
parent 6a52a9f673
commit ed3966e577
1 changed files with 9 additions and 3 deletions
Download Patch File Download Diff File Expand all files Collapse all files
graphql.go
+8 -2
View File
@@ -177,12 +177,18 @@ func checkSelections(c *fiber.Ctx, selections []ast.Selection) bool {
fieldName := strings.ToLower(sel.Name.Value) fieldName := strings.ToLower(sel.Name.Value)
if _, exists := introspectionQueries[fieldName]; exists { if _, exists := introspectionQueries[fieldName]; exists {
if len(cfg.Security.IntrospectionAllowed) > 0 { if len(cfg.Security.IntrospectionAllowed) > 0 {
if _, allowed := introspectionAllowedQueries[fieldName]; !allowed { // If this field is allowed, don't block and continue checking other fields
if _, allowed := introspectionAllowedQueries[fieldName]; allowed {
if sel.SelectionSet != nil {
if checkSelections(c, sel.GetSelectionSet().Selections) {
return true return true
} }
} else { }
continue
}
return true return true
} }
return true
} }
if sel.SelectionSet != nil { if sel.SelectionSet != nil {
if checkSelections(c, sel.GetSelectionSet().Selections) { if checkSelections(c, sel.GetSelectionSet().Selections) {