V13.4 — GraphQL
GraphQL: 2 L3 requirement(s). V13.4.1: Verify that a query allow list or a combination of depth limiting and amount limiting is used to prevent GraphQL or data... V13.4.2: Verify that GraphQL or other data layer authorization logic should be implemented at the business logic layer instead of...
| Property | Value |
|---|---|
| Section | V13.4 |
| Owner | platform |
Mapped Controls
| Control | Title |
|---|---|
| SID-ARCH-01 | Platform Architecture Non-Applicability Register |
Source: OWASP Application Security Verification Standard 4.0.3