Discovering GraphQL endpoints and SQLi vulnerabilities
In Summary : An interesting thing to point out is that GraphQL isn’t tied to any specific database (or storage engine for that matter) and...
https://updatesinfosec.blogspot.com/2018/09/discovering-graphql-endpoints-and-sqli.html
In Summary :
An interesting thing to point out is that GraphQL isn’t tied to any specific database (or storage engine for that matter) and is instead backed by existing code. What this means is that, unlike REST APIs (where the client first interacts with arbitrary code written by programmer(s) and this code reaches the database); the client first interacts with GraphQL, which in turn interacts with arbitrary code and ultimately ends talking to the database. A more useful diagram to depict this situation is this one [...]
kindly refer the following link as follow up :
https://ift.tt/2ONKcih
An interesting thing to point out is that GraphQL isn’t tied to any specific database (or storage engine for that matter) and is instead backed by existing code. What this means is that, unlike REST APIs (where the client first interacts with arbitrary code written by programmer(s) and this code reaches the database); the client first interacts with GraphQL, which in turn interacts with arbitrary code and ultimately ends talking to the database. A more useful diagram to depict this situation is this one [...]
kindly refer the following link as follow up :
https://ift.tt/2ONKcih
