在线时间:8:00-16:00
迪恩网络APP
随时随地掌握行业动态
扫描二维码
关注迪恩网络微信公众号
开源软件名称(OpenSource Name):kadirahq/graphql-errors开源软件地址(OpenSource Url):https://github.com/kadirahq/graphql-errors开源编程语言(OpenSource Language):JavaScript 97.1%开源软件介绍(OpenSource Introduction):GraphQL ErrorsWhen an error occurs when processing GraphQL queries, graphql-js sends the complete error message to the client with the response. In most cases, sending error messages to the client without supervision is a bad idea since those might leak sensitive information. The Usageconst { maskErrors } = require('graphql-errors');
const schema = new graphql.GraphQLSchema({
// ...your schema here...
});
// Mask the error messages
maskErrors(schema);
// Use your schema like you normally would, for example:
app.use('/', graphqlHTTP({ schema: schema })); User errorsSome error messages you do want to send to the user though, like permission errors, so const { UserError } = require('graphql-errors')
const resolvers = {
Query: {
hiddenField() {
// Your user sees: "Permission denied."
throw new UserError('Permission denied.');
}
}
} Example ErrorLet's say your database throws an error because you exceeded some limit. Normally your user would see an error message saying "Database limit exceeded.", but not with What the user gets in the response {
"data": {
"post": null
},
"errors": [
{
"message": "Internal Error: e553aaa4-47dc-47db-9bfc-314cc2cf5833",
"locations": [
{
"line": 2,
"column": 3
}
],
"path": [
"post"
]
}
]
} As you can see, no sensitive information is leaked to the user at all. You might think this'll make bug reports less useful, but note how a UUID is attached to the error message! What you see in the server console
Note how the same UUID ( |
2023-10-27
2022-08-15
2022-08-17
2022-09-23
2022-08-13
请发表评论