graphql-custom-types icon indicating copy to clipboard operation
graphql-custom-types copied to clipboard
verified publisher icon stylesuxx

Serialize is happy to serialize invalid URLs (and probably other invalid types too)

Open massimonewsuk opened this issue 7 years ago • 1 comments

You can currently send down a value like 12345 for a resolver which is supposed to resolve with a URL.

Values are only tested for validity if they are sent up as variables or literals in the user's query. The server's response is not validated (hence we can reply with invalid data).

Is this the intent of the library?

Personally I don't think it's inline with GraphQL's philosophy, because you can't return a String in place of an Int, etc. Regardless, if it's the intent of this library then we should document it, otherwise we should probably fix the serialize functions.

massimonewsuk avatar Jul 13 '18 10:07 massimonewsuk

Good point. No, it is not the intent of the library. I will gladly merge your PR, if you have time and motivation to do it.

stylesuxx avatar Jul 13 '18 20:07 stylesuxx