GraphQL Middleware done right!
This plugins wraps [`graphql-middleware`](https://github.com/maticzav/graphql-middleware) and allow you to apply schema middlewares that uses the standard defined by `graphql-middleware`.
Sentry plugin for GraphQL Middleware
GraphQL middleware for PostGraphile and Stonecrop schema
GraphQL Middleware done right!
graphql-middleware
A GraphQL middleware to enable X-Ray tracing subsegments for GraphQL resolvers
Generic GraphQL middleware to capture errors
GraphQL middleware to instrument resolvers with pino logger
Apollo GraphQL middleware for enabling edge caching on Edgio.
GraphQL middleware for schema resolvers
GraphQL Middleware done right!
GraphQL middleware for Hattip
Apollo GraphQL middleware for enabling edge caching on Layer0.
rollup-plugin-graphql-middleware
Apollo GraphQL middleware for enabling edge caching on the Moovweb XDN.
GraphQL middleware for express framework
@schamane/graphql-middleware
GraphQL middleware to validate mutations arguments using yup
GraphQL Binding forwardTo plugin for GraphQL Middleware
Module to perform GraphQL requests as a server middleware.
GraphQL middleware for honohub
GraphQL Middleware plugin for Bugsnag
GraphQL middleware for nanoexpress
Provides middleware field-level caching for graphql-ruby
apollo-upload-server implementation for Ruby on Rails as middleware.
Rack middleware implementing graphql endpoint.
A rack middleware wrapper for GraphQL Playground
Provides middleware field-level caching for graphql-ruby
A simple spec-compliant GraphQL rack application and middleware
The middleware makes sure any request to specified paths would have been preflighted if it was sent by a browser. We don't want random websites to be able to execute actual GraphQL operations from a user's browser unless our CORS policy supports it. It's not good enough just to ensure that the browser can't read the response from the operation; we also want to prevent CSRF, where the attacker can cause side effects with an operation or can measure the timing of a read operation. Our goal is to ensure that we don't run the context function or execute the GraphQL operation until the browser has evaluated the CORS policy, which means we want all operations to be pre-flighted. We can do that by only processing operations that have at least one header set that appears to be manually set by the JS code rather than by the browser automatically. POST requests generally have a content-type `application/json`, which is sufficient to trigger preflighting. So we take extra care with requests that specify no content-type or that specify one of the three non-preflighted content types. For those operations, we require one of a set of specific headers to be set. By ensuring that every operation either has a custom content-type or sets one of these headers, we know we won't execute operations at the request of origins who our CORS policy will block.
No description provided.
No description provided.
No description provided.
No description provided.
No description provided.
No description provided.
No description provided.
No description provided.
No description provided.
No description provided.
No description provided.
No description provided.