Extend Your GatewaySecurity

Max Directives

Limit the number of directives in a GraphQL document.

It is used to prevent DOS attack, heap overflow or server overloading.

Provided by GraphQL Armor

How to use?

Install the plugin:

npm install @escape.tech/graphql-armor-max-directives

Then, add it to your plugins:

import { maxDirectivesPlugin } from "@escape.tech/graphql-armor-max-directives";
import { defineConfig } from "@graphql-hive/gateway";

export const gatewayConfig = defineConfig({
  plugins: () => [
    maxDirectivesPlugin({
      // Toggle the plugin | Default: true
      enabled: true,
      // Number of directives allowed | Default: 10
      n: 10,
      // Do you want to propagate the rejection to the client? | default: true
      propagateOnRejection: true,
      // List of queries that are allowed to bypass the plugin
      allowList: [],

      /* Advanced options (use here on your own risk) */

      // Callbacks that are ran whenever a Query is accepted
      onAccept: [],

      // Callbacks that are ran whenever a Query is rejected
      onReject: [],
    }),
  ],
});

References

Max Depth

Previous Page

Max Tokens

Next Page

On this page

How to use?References
View on GitHub