Documentation
Gateway
Other Features
Security
Block Field Suggestions

Block Field Suggestions

This is a feature that allows you to prevent returning field suggestions and leaking your schema to unauthorized actors provided by GraphQL Armor

In production, this can lead to Schema leak even if the introspection is disabled.

How to use?

Install the plugin:

npm install @escape.tech/graphql-armor-block-field-suggestions

Then, add it to your plugins:

gateway.config.ts
import { blockFieldSuggestionsPlugin } from '@escape.tech/graphql-armor-block-field-suggestions'
import { defineConfig } from '@graphql-hive/gateway'
 
export const gatewayConfig = defineConfig({
  plugins: () => [
    blockFieldSuggestionsPlugin({
      // Toggle the plugin | Default: true
      enabled: true,
      // Mask applied to the error message | default: '[Suggestion hidden]'
      mask: '[Suggestion hidden]'
    })
  ]
})