Max Depth
Limit the depth of a GraphQL document.
It is used to prevent too large queries that could lead to overfetching or DOS attack.
How to use?
Install the plugin:
npm install @escape.tech/graphql-armor-max-depth
Then, add it to your plugins:
gateway.config.ts
import { maxDepthPlugin } from '@escape.tech/graphql-armor-max-depth'
import { defineConfig } from '@graphql-hive/gateway'
export const gatewayConfig = defineConfig({
plugins: () => [
maxDepthPlugin({
// Toggle the plugin | Default: true
enabled: true,
// Depth threshold | default: 6
n: 6,
// Do you want to propagate the rejection to the client? | default: true
propagateOnRejection: true,
// List of queries that are allowed to bypass the plugin
allowList: [],
/* Advanced options (use here on your own risk) */
// Callbacks that are ran whenever a Query is accepted
onAccept: [],
// Callbacks that are ran whenever a Query is rejected
onReject: []
})
]
})