Expecting GraphQL to handle security is really one of the poorest ways of doing ... | Hacker News

Hacker Newsnew | past | comments | ask | show | jobs | submit

		JAlexoid 38 days ago \| parent \| context \| favorite \| on: GraphQL: The enterprise honeymoon is over Expecting GraphQL to handle security is really one of the poorest ways of doing security, as GQL is not designed to do that.

scotty79 38 days ago [–]

Sorry, I made a typo:

Request can be tampered with so there's *NO additional security from GraphQL protocol.

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact