You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
It's bad practice to allow unbounded payloads to reach any given endpoint, and I feel that a graphQL endpoint, which exposes an interpreted DSL capable of triggering a lot of things, is an excellent example.
I have tried to change the route.config.payload.maxBytes value, on my side, to a very conservative 1024 bytes, but hapi wouldn't allow my configuration, since the possible methods are set to ['get', 'post'] and the GET verb doesn't allow for a request payload.
Could the maximum allowed payload be limited through an external option?
The text was updated successfully, but these errors were encountered:
It's bad practice to allow unbounded payloads to reach any given endpoint, and I feel that a graphQL endpoint, which exposes an interpreted DSL capable of triggering a lot of things, is an excellent example.
I have tried to change the
route.config.payload.maxBytesvalue, on my side, to a very conservative 1024 bytes, but hapi wouldn't allow my configuration, since the possible methods are set to['get', 'post']and theGETverb doesn't allow for a request payload.Could the maximum allowed payload be limited through an external option?
The text was updated successfully, but these errors were encountered: