class GraphqlTagger

Defined in:

tagger/taggers/graphql.cr

Constant Summary

BODY_PARAM_NAMES = Set {"query", "mutation", "subscription", "graphql", "gql"}

Param names that plausibly carry a raw GraphQL document, so a value that looks like a query/selection set is decisive even on a generic URL like /api. Keeping the set tight avoids scanning unrelated values (a JSON body, a search string) for GraphQL syntax.

INTROSPECTION_NAMES = Set {"__schema", "__type"}

Strong, near-unique introspection signals: tagging on either alone is safe because __schema/__type are GraphQL meta-fields, not names that show up in REST inputs.

WORDS = ["query", "mutation", "subscription", "operationname", "__schema", "__type", "graphql", "variables"]

Constructors

Instance Method Summary

Instance methods inherited from class Tagger

name : String name, perform(endpoints : Array(Endpoint)) : Array(Endpoint) perform

Constructor methods inherited from class Tagger

new(options : Hash(String, YAML::Any)) new

Constructor Detail

def self.new(options : Hash(String, YAML::Any)) #

[View source]

Instance Method Detail

def perform(endpoints : Array(Endpoint)) #

[View source]