Reply to post: Re: Hackable?

GraphQL a cut above the REST, say query lang's fans: Airbnb, Knotel, others embrace the tech

Claptrap314 Silver badge

Re: Hackable?

I don't really think so. If you consider GitHub, there is a pretty clear chain of SQL statements that get generated for each click on the website. In principle, there is no particular reason it would be difficult to expose the relevant tables and relations, subject to the existing access controls for the users. You just have to make it a policy to always do so.

The security issues are the same for the API as for the website, if you assume basic competence for the dev team.
