Skip to Content

Max Depth

Limit the depth of a GraphQL document.

It is used to prevent too large queries that could lead to overfetching or DOS attack.

Provided by GraphQL Armor

How to use?

Install the plugin:

npm install @escape.tech/graphql-armor-max-depth

Then, add it to your plugins:

gateway.config.ts
import { maxDepthPlugin } from '@escape.tech/graphql-armor-max-depth' import { defineConfig } from '@graphql-hive/gateway' export const gatewayConfig = defineConfig({ plugins: () => [ maxDepthPlugin({ // Toggle the plugin | Default: true enabled: true, // Depth threshold | default: 6 n: 6, // Do you want to propagate the rejection to the client? | default: true propagateOnRejection: true, // List of queries that are allowed to bypass the plugin allowList: [], /* Advanced options (use here on your own risk) */ // Callbacks that are ran whenever a Query is accepted onAccept: [], // Callbacks that are ran whenever a Query is rejected onReject: [] }) ] })

References

Last updated on