[MGNLGQL-12] GraphQL performance protection Created: 13/May/20  Updated: 04/Mar/21

Status: Open
Project: Magnolia GraphQL
Component/s: None
Affects Version/s: None
Fix Version/s: None

Type: Story Priority: Neutral
Reporter: Christopher Zimmermann Assignee: Unassigned
Resolution: Unresolved Votes: 0
Labels: None
Remaining Estimate: Not Specified
Time Spent: Not Specified
Original Estimate: Not Specified

Template:
Acceptance criteria:
Empty
Task DoD:
[ ]* Doc/release notes changes? Comment present?
[ ]* Downstream builds green?
[ ]* Solution information and context easily available?
[ ]* Tests
[ ]* FixVersion filled and not yet released
[ ]  Architecture Decision Record (ADR)
Documentation update required:
Yes
Epic Link: GraphQL Phase 2

 Description   

User story:

As a developer, I want the server to stay responsive and performant no matter what queries someone executes.

Notes:

Many GraphQL servers implement some kind of limits on responses in order to prevent overly "expensive" queries. Some limit the number of responses from each level, others reject requests where the total number of response objects could be over a set limit.

Acceptance criteria:

  • No matter what query is executed the server does not become unresponsive

Under discussion: May be licensed as DXCore.

See comments



 Comments   
Comment by Christopher Zimmermann [ 04/Mar/21 ]

Solution could be to impose a hard limit on number of nodes returned at each level.

Could it be a solution to have a hard timeout? After 10 seconds if query is not done it either errors or returns incomplete response?

Generated at Mon Feb 12 05:51:41 CET 2024 using Jira 9.4.2#940002-sha1:46d1a51de284217efdcb32434eab47a99af2938b.