npm.io
9.1.1 • Published 4 months ago

@envelop/disable-introspection

Licence
MIT
Version
9.1.1
Deps
1
Size
6 kB
Vulns
0
Weekly
0
Stars
829

@envelop/disable-introspection

This plugin injects the NoSchemaIntrospectionCustomRule validation rule exported from the graphql module to the validation phase for disabling introspection.

Getting Started

yarn add @envelop/disable-introspection

Usage Example

import { execute, parse, specifiedRules, subscribe, validate } from 'graphql'
import { envelop, useEngine } from '@envelop/core'
import { useDisableIntrospection } from '@envelop/disable-introspection'

const getEnveloped = envelop({
  plugins: [
    useEngine({ parse, validate, specifiedRules, execute, subscribe }),
    useDisableIntrospection()
  ]
})

Optional configuration

The plugin optionally accepts a configuration object:

{
  disableIf?: ({context, params}) => boolean
}
  • disableIf: A function that allow you to evaluate the need to disable introspection, based on the incoming operation. If introspection needs to be disabled/enabled based on the dynamic parameter (GraphQL operation, or, incoming request/headers), use this function to determine when introspection needs to be disabled. Return true for disabling the introspection for the incoming operation, or false to allow introspection.