[MGNLGQL-12] GraphQL performance protection Created: 13/May/20 Updated: 04/Mar/21 |
|
| Status: | Open |
| Project: | Magnolia GraphQL |
| Component/s: | None |
| Affects Version/s: | None |
| Fix Version/s: | None |
| Type: | Story | Priority: | Neutral |
| Reporter: | Christopher Zimmermann | Assignee: | Unassigned |
| Resolution: | Unresolved | Votes: | 0 |
| Labels: | None | ||
| Remaining Estimate: | Not Specified | ||
| Time Spent: | Not Specified | ||
| Original Estimate: | Not Specified | ||
| Template: |
|
| Acceptance criteria: |
Empty
|
| Task DoD: |
[ ]*
Doc/release notes changes? Comment present?
[ ]*
Downstream builds green?
[ ]*
Solution information and context easily available?
[ ]*
Tests
[ ]*
FixVersion filled and not yet released
[ ] 
Architecture Decision Record (ADR)
|
| Documentation update required: |
Yes
|
| Epic Link: | GraphQL Phase 2 |
| Description |
|
User story:
Notes: Many GraphQL servers implement some kind of limits on responses in order to prevent overly "expensive" queries. Some limit the number of responses from each level, others reject requests where the total number of response objects could be over a set limit. Acceptance criteria:
Under discussion: May be licensed as DXCore. See comments |
| Comments |
| Comment by Christopher Zimmermann [ 04/Mar/21 ] |
|
Solution could be to impose a hard limit on number of nodes returned at each level. Could it be a solution to have a hard timeout? After 10 seconds if query is not done it either errors or returns incomplete response? |