Max Directives

Limit the number of directives in a GraphQL document.

It is used to prevent DOS attack, heap overflow or server overloading.

How to use?

Install the plugin:

npm install @escape.tech/graphql-armor-max-directives

pnpm add @escape.tech/graphql-armor-max-directives

yarn add @escape.tech/graphql-armor-max-directives

bun add @escape.tech/graphql-armor-max-directives

Then, add it to your plugins:

gateway.config.ts

import { maxDirectivesPlugin } from '@escape.tech/graphql-armor-max-directives'
import { defineConfig } from '@graphql-hive/gateway'
 
export const gatewayConfig = defineConfig({
  plugins: () => [
    maxDirectivesPlugin({
      // Toggle the plugin | Default: true
      enabled: true,
      // Number of directives allowed | Default: 10
      n: 10,
      // Do you want to propagate the rejection to the client? | default: true
      propagateOnRejection: true,
      // List of queries that are allowed to bypass the plugin
      allowList: [],
 
      /* Advanced options (use here on your own risk) */
 
      // Callbacks that are ran whenever a Query is accepted
      onAccept: [],
 
      // Callbacks that are ran whenever a Query is rejected
      onReject: []
    })
  ]
})

References

Max Depth Max Tokens