michael-willingham opened a new issue, #3271:
URL: https://github.com/apache/incubator-kie-tools/issues/3271

   Hello!
   
   I had some thoughts and questions around the existing GraphQL behaviour of 
the Sonataflow Management Console, in light of the recent changes to make the 
console read-only:
   
   https://github.com/apache/incubator-kie-tools/issues/2696
   
   Based on the recent changes to make the console read-only, shouldn't the 
Apollo client switch to using GET requests to the data index `/graphql` 
endpoint? As far as I am aware, no mutations are taking place any longer.
   
   Making this change would allow for more fine-grained security controls to be 
enacted on the data index deployment:
   * GET requests can have a more permissive HTTP policy
   * POST requests could have a more restrictive HTTP policy
   
   Otherwise, on the Quarkus HTTP security side of things, it seems tricky to 
determine which POST requests to the data index are mutations vs. queries. I'm 
happy to be corrected here if my understanding is wrong.
   
   I believe this would be a fairly small change: 
https://github.com/michael-willingham/apache--incubator-kie-tools/pull/1/files
   
   Thanks!


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: [email protected]

For queries about this service, please contact Infrastructure at:
[email protected]
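
Added example, not part of the original issue or the project's own configuration: one way the GET/POST split proposed above could be expressed with Quarkus HTTP permission sets on the data index. The permission set names, the policy name and the role `workflow-admin` are assumptions chosen for illustration; only the `/graphql` path comes from the issue.

```properties
# Assumed names: graphql-read, graphql-write, graphql-writers and the role
# "workflow-admin" are illustrative and do not come from the project.

# Read path: queries the console sends as GET /graphql.
# Any authenticated caller may use it.
quarkus.http.auth.permission.graphql-read.paths=/graphql
quarkus.http.auth.permission.graphql-read.methods=GET
quarkus.http.auth.permission.graphql-read.policy=authenticated

# Write path: anything sent as POST /graphql, where the HTTP layer cannot
# tell a query from a mutation, requires an explicit role.
quarkus.http.auth.policy.graphql-writers.roles-allowed=workflow-admin
quarkus.http.auth.permission.graphql-write.paths=/graphql
quarkus.http.auth.permission.graphql-write.methods=POST
quarkus.http.auth.permission.graphql-write.policy=graphql-writers

# Check before relaxing the GET policy: the split only holds if the
# data index refuses to execute mutations that arrive over GET.
```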

