Description

Your GraphQL server implementation does not restrict or limit the size of incoming queries. During the assessment, it was observed that a GraphQL query comprising 20000 characters was successfully processed by the server. Large, unchecked queries pose potential denial-of-service threats and can lead to unintended processing costs.

Implementing a simple length check can prevent oversized queries from being processed, thereby safeguarding the server from potential abuse and improving the resilience of your GraphQL server against DoS attacks.

Remediation

Enforce Query Length Limit: Implement a middleware that checks the length of the incoming GraphQL queries. Queries that exceed a reasonable length, such as 2000 characters, should be rejected. The provided code snippet is an example of how to implement such a check:

app.use('*', (req, res, next) => {
  // The query may arrive via GET (?query=...) or a parsed JSON POST body.
  const query = req.query.query || (req.body && req.body.query) || '';
  if (query.length > 8192) {
    // Reject before the GraphQL engine parses the document; a 413 response
    // is clearer than letting a thrown Error surface as a 500.
    return res.status(413).json({ errors: [{ message: 'Query too large' }] });
  }
  next();
});
This ensures that only queries within the accepted length are processed, offering a layer of protection against potential attacks.
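The snippet above checks a single query string. Real GraphQL endpoints also accept batched operations (a JSON array of `{ query }` objects) and repeated GET parameters, so a guard that inspects only `req.body.query` can be bypassed by an oversized operation inside a batch. The following added example (not part of this finding's original code; `MAX_QUERY_CHARS`, `extractQueries`, `checkQueryLength` and `queryLengthGuard` are names chosen here) applies the same length limit to every operation in the request:

```javascript
// Added example: query-length guard covering single, batched and GET payloads.
// The 8192 limit mirrors the snippet above; function names are assumptions.
const MAX_QUERY_CHARS = 8192;

// Collect every operation's `query` string from a parsed request payload.
// Handles a bare string (GET ?query=...), an array of strings (repeated GET
// parameter), a single {query} object and a batched array of objects.
// Anything else yields no queries and is left for the engine to reject.
function extractQueries(payload) {
  if (typeof payload === 'string') return [payload];
  if (Array.isArray(payload)) return payload.flatMap(extractQueries);
  if (payload && typeof payload === 'object' && typeof payload.query === 'string') {
    return [payload.query];
  }
  return [];
}

// Return null when every query fits the limit, otherwise a GraphQL-style
// error body for the first oversized operation (the query text itself is
// deliberately not echoed back).
function checkQueryLength(payload, maxChars = MAX_QUERY_CHARS) {
  const queries = extractQueries(payload);
  for (let i = 0; i < queries.length; i++) {
    if (queries[i].length > maxChars) {
      return {
        errors: [{
          message: `Query too large (${queries[i].length} > ${maxChars} characters)`,
          extensions: { code: 'QUERY_TOO_LARGE', operationIndex: i },
        }],
      };
    }
  }
  return null;
}

// Express middleware: runs before the GraphQL handler so nothing oversized is
// ever parsed. Assumes express.json() has already populated req.body for POSTs.
function queryLengthGuard(maxChars = MAX_QUERY_CHARS) {
  return (req, res, next) => {
    const payload = req.method === 'GET' ? req.query.query : req.body;
    const rejection = checkQueryLength(payload, maxChars);
    if (rejection) return res.status(413).json(rejection);
    next();
  };
}

// Constructed sample: a batch whose second operation is far over the limit.
const SAMPLE_BATCH = [{ query: '{ me { id } }' }, { query: '{ ' + 'a '.repeat(5000) + '}' }];
console.log(JSON.stringify(checkQueryLength(SAMPLE_BATCH)));
```

Mount it ahead of the GraphQL handler, e.g. `app.use('/graphql', queryLengthGuard())`, so the check runs on every transport shape the endpoint accepts.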
