Skip to content

Latest commit

 

History

History
82 lines (78 loc) · 7.16 KB

README.md

File metadata and controls

82 lines (78 loc) · 7.16 KB

* This report was auto-generated by graphql-http

GraphQL over HTTP audit report

  • 73 audits in total
  • 73 pass

Passing

  1. SHOULD accept application/graphql-response+json and match the content-type
  2. MUST accept application/json and match the content-type
  3. SHOULD accept */* and use application/graphql-response+json for the content-type
  4. SHOULD assume application/graphql-response+json content-type when accept is missing
  5. MUST use utf-8 encoding when responding
  6. MUST accept utf-8 encoding
  7. MUST assume utf-8 if encoding is unspecified
  8. MUST accept POST requests
  9. MAY accept application/x-www-form-urlencoded formatted GET requests
  10. MUST NOT allow executing mutations on GET requests
  11. SHOULD respond with 4xx status code if content-type is not supplied on POST requests
  12. MUST accept application/json POST requests
  13. MUST require a request body on POST
  14. SHOULD use 400 status code on missing {query} parameter when accepting application/graphql-response+json
  15. SHOULD use 200 status code with errors field on missing {query} parameter when accepting application/json
  16. SHOULD use 400 status code on object {query} parameter when accepting application/graphql-response+json
  17. SHOULD use 400 status code on number {query} parameter when accepting application/graphql-response+json
  18. SHOULD use 400 status code on boolean {query} parameter when accepting application/graphql-response+json
  19. SHOULD use 400 status code on array {query} parameter when accepting application/graphql-response+json
  20. SHOULD use 200 status code with errors field on object {query} parameter when accepting application/json
  21. SHOULD use 200 status code with errors field on number {query} parameter when accepting application/json
  22. SHOULD use 200 status code with errors field on boolean {query} parameter when accepting application/json
  23. SHOULD use 200 status code with errors field on array {query} parameter when accepting application/json
  24. SHOULD allow string {query} parameter when accepting application/graphql-response+json
  25. MUST allow string {query} parameter when accepting application/json
  26. SHOULD use 400 status code on object {operationName} parameter when accepting application/graphql-response+json
  27. SHOULD use 400 status code on number {operationName} parameter when accepting application/graphql-response+json
  28. SHOULD use 400 status code on boolean {operationName} parameter when accepting application/graphql-response+json
  29. SHOULD use 400 status code on array {operationName} parameter when accepting application/graphql-response+json
  30. SHOULD use 200 status code with errors field on object {operationName} parameter when accepting application/json
  31. SHOULD use 200 status code with errors field on number {operationName} parameter when accepting application/json
  32. SHOULD use 200 status code with errors field on boolean {operationName} parameter when accepting application/json
  33. SHOULD use 200 status code with errors field on array {operationName} parameter when accepting application/json
  34. SHOULD allow string {operationName} parameter when accepting application/graphql-response+json
  35. MUST allow string {operationName} parameter when accepting application/json
  36. SHOULD use 400 status code on string {variables} parameter when accepting application/graphql-response+json
  37. SHOULD use 400 status code on number {variables} parameter when accepting application/graphql-response+json
  38. SHOULD use 400 status code on boolean {variables} parameter when accepting application/graphql-response+json
  39. SHOULD use 400 status code on array {variables} parameter when accepting application/graphql-response+json
  40. SHOULD use 200 status code with errors field on string {variables} parameter when accepting application/json
  41. SHOULD use 200 status code with errors field on number {variables} parameter when accepting application/json
  42. SHOULD use 200 status code with errors field on boolean {variables} parameter when accepting application/json
  43. SHOULD use 200 status code with errors field on array {variables} parameter when accepting application/json
  44. SHOULD allow map {variables} parameter when accepting application/graphql-response+json
  45. MUST allow map {variables} parameter when accepting application/json
  46. SHOULD allow URL-encoded JSON string {variables} parameter in GETs when accepting application/graphql-response+json
  47. MUST allow URL-encoded JSON string {variables} parameter in GETs when accepting application/json
  48. SHOULD use 400 status code on string {extensions} parameter when accepting application/graphql-response+json
  49. SHOULD use 400 status code on number {extensions} parameter when accepting application/graphql-response+json
  50. SHOULD use 400 status code on boolean {extensions} parameter when accepting application/graphql-response+json
  51. SHOULD use 400 status code on array {extensions} parameter when accepting application/graphql-response+json
  52. SHOULD use 200 status code with errors field on string {extensions} parameter when accepting application/json
  53. SHOULD use 200 status code with errors field on number {extensions} parameter when accepting application/json
  54. SHOULD use 200 status code with errors field on boolean {extensions} parameter when accepting application/json
  55. SHOULD use 200 status code with errors field on array {extensions} parameter when accepting application/json
  56. SHOULD allow map {extensions} parameter when accepting application/graphql-response+json
  57. MUST allow map {extensions} parameter when accepting application/json
  58. SHOULD use 200 status code on JSON parsing failure when accepting application/json
  59. SHOULD use 200 status code if parameters are invalid when accepting application/json
  60. SHOULD use 200 status code on document parsing failure when accepting application/json
  61. SHOULD use 200 status code on document validation failure when accepting application/json
  62. SHOULD use 4xx or 5xx status codes on JSON parsing failure when accepting application/graphql-response+json
  63. SHOULD use 400 status code on JSON parsing failure when accepting application/graphql-response+json
  64. SHOULD not contain the data entry on JSON parsing failure when accepting application/graphql-response+json
  65. SHOULD use 4xx or 5xx status codes if parameters are invalid when accepting application/graphql-response+json
  66. SHOULD use 400 status code if parameters are invalid when accepting application/graphql-response+json
  67. SHOULD not contain the data entry if parameters are invalid when accepting application/graphql-response+json
  68. SHOULD use 4xx or 5xx status codes on document parsing failure when accepting application/graphql-response+json
  69. SHOULD use 400 status code on document parsing failure when accepting application/graphql-response+json
  70. SHOULD not contain the data entry on document parsing failure when accepting application/graphql-response+json
  71. SHOULD use 4xx or 5xx status codes on document validation failure when accepting application/graphql-response+json
  72. SHOULD use 400 status code on document validation failure when accepting application/graphql-response+json
  73. SHOULD not contain the data entry on document validation failure when accepting application/graphql-response+json