tonyair/silverstripe-framework
1
0
Fork 0
mirror of https://github.com/silverstripe/silverstripe-framework synced 2024-09-16 22:46:20 +02:00
Code Issues Projects Releases Wiki Activity
4d18d36625
silverstripe-framework/docs/en/02_Developer_Guides/19_GraphQL/04_security_and_best_practices/04_http_method_checking.md

1016 B
Raw Blame History

title summary
Strict HTTP method checking Ensure requests are GET or POST

Security & best practices

[CHILDREN asList]

[info] You are viewing docs for silverstripe/graphql 4.x. If you are using 3.x, documentation can be found in the github repository [/info]

Strict HTTP Method Checking

According to GraphQL best practices, mutations should be done over POST, while queries have the option to use either GET or POST. By default, this module enforces the POST request method for all mutations.

To disable that requirement, you can remove the HTTPMethodMiddleware from the QueryHandler.

SilverStripe\GraphQL\QueryHandler\QueryHandlerInterface.default:
  class: SilverStripe\GraphQL\QueryHandler\QueryHandler
  properties:
    Middlewares:
      httpMethod: false

Further reading

[CHILDREN]