From 03a5dcbcc7c6d838315eb3a591d0a492935d14eb Mon Sep 17 00:00:00 2001 From: trivernis Date: Tue, 14 Jan 2020 13:28:23 +0100 Subject: [PATCH] Add Query Complexity headers - Add headers headers `X-Query-Complexity` and `X-Max-Query-Complexity` --- CHANGELOG.md | 1 + src/app.ts | 3 ++- 2 files changed, 3 insertions(+), 1 deletion(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index b147ebe..6689bc1 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -28,6 +28,7 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0 - joined field to Group gql type - rate limits with defaults of 10/min for `/upload` and 30/min for `/graphql` - complexity limits for graphql queries that can be configured with the `api.maxQueryComplexity` option +- complexity headers `X-Query-Complexity` and `X-Max-Query-Complexity` ### Removed diff --git a/src/app.ts b/src/app.ts index 8089a8e..6d9aa2f 100644 --- a/src/app.ts +++ b/src/app.ts @@ -20,7 +20,6 @@ import * as redis from "redis"; import {Sequelize} from "sequelize-typescript"; import * as socketIo from "socket.io"; import * as socketIoRedis from "socket.io-redis"; -import {query} from "winston"; import {resolver} from "./graphql/resolvers"; import dataaccess from "./lib/dataAccess"; import globals from "./lib/globals"; @@ -194,6 +193,7 @@ class App { // @ts-ignore this.app.use("/graphql", graphqlHTTP(async (request, response, {variables}) => { + response.setHeader("X-Max-Query-Complexity", config.get("api.maxQueryComplexity")); return { // @ts-ignore all context: {session: request.session}, @@ -209,6 +209,7 @@ class App { maximumComplexity: config.get("api.maxQueryComplexity"), onComplete: (complexity: number) => { logger.debug(`QueryComplexity: ${complexity}`); + response.setHeader("X-Query-Complexity", complexity); }, variables, }),