#@graphql

13 messages · Page 1 of 1 (latest)

wise lava
#

not sure what you want to do, but on the frontend you can make your code harder to read, but you can't hide it.
If you are concerned about security, you should manage it server-side. You should build your app in a way that it's always safe even if everyone can read your code (like an open-source project).

gentle sundial
#

yes, you are correct, but I would like it to be overshadowed like everything else, because the company has a security test and they complained about this situation

#

I wanted to at least make graphql more difficult to visualize

wise lava
#

idk much about graphql and I am not a security expert. But I think the only reasonable thing to do is use UUIDs instead of incremental IDs.
if you hide the query in your code it will be still visible in the network requests, no?

#

or maybe I am wrong because I don't understand graphql

gentle sundial
#

the problem here is not the "payload", here the problem is that the bad person knows the graphql structure

fleet warren
#

Anyway, you said you are trying it, but you can't. What are you trying that isn't working?

gentle sundial
#

on the network there is a library that obfuscates the request, the problem is that you can see the structure in the js files

#

anyway the security team won't let this problem go 😄

fleet warren
#

Well, I was curious what you tried and what isn't working.

gentle sundial
#

I also tried this library