I'm trying to fetch all product information for the product page in one go:
When I run this query I get an error: Max query complexity should be 300 but got 388.
I'm not doing anything super special and I would expect this to succeed. Especially since the workaround is that I need to make two calls to the Magento backend which will invariably cause more load for the server.
Actual result (*)The current complexity limit is set to 300:
There currently is a test set to validate that it isn't more than 300:
self::expectExceptionMessageMatches('/Max query complexity should be 300 but got 302/');It seems that the queryDepth here is set relatively high, but the queryComplexity is set relatively low.
If we read this security post from Apollo https://www.apollographql.com/blog/securing-your-graphql-api-from-malicious-queries-16130a324a6b/, it seems more sensible values would be:
If we follow the defaults mentioned here: https://github.com/slicknode/graphql-query-complexity/blob/95e2899dd9bc32600114dd04bef5996ceeba0f4a/README.md#usage, we get:
Hasura doesn't even offer queryComplexity limits they only offer queryDepth limits:
https://hasura.io/docs/latest/graphql/cloud/api-limits.html#configuring-an-api-limit
Please provide Severity assessment for the Issue as Reporter. This information will help during Confirmation and Issue triage processes.
lilbumblebear, FrankHarland, joshdavenport, paales, carlocarels90 and 1 more
RetroSearch is an open source project built by @garambo | Open a GitHub Issue
Search and Browse the WWW like it's 1997 | Search results from DuckDuckGo
HTML:
3.2
| Encoding:
UTF-8
| Version:
0.7.4