Expecting GraphQL to handle security is really one of the poorest ways of doing ... | Hacker News

Hacker Newsnew | past | comments | ask | show | jobs | submit

		JAlexoid 5 days ago \| parent \| context \| favorite \| on: GraphQL: The enterprise honeymoon is over Expecting GraphQL to handle security is really one of the poorest ways of doing security, as GQL is not designed to do that.

scotty79 5 days ago [–]

Sorry, I made a typo:

Request can be tampered with so there's *NO additional security from GraphQL protocol.

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact