The CR GraphQL allows referencing a GraphQL schema resource. The schema of this ConfigMap resource must be compatible with GraphQL schema definition (Oct. 2021). Introspection and mutation queries are supported.
- GraphQL queries, variables and operation names can be extracted from different sources:
- HTTP query parameters
- JSON bodies
Queries from both sources can be identified and parsed as described in the CR Parser article.
The threatHandlingMode
setting in this CR is limited to the configurable features in this CR. It is not related to the CR DenyRules threatHandlingMode
configuration.