ASVS Requirement 4.3.2
- Level: 2
- Chapter: V4 API and Web Service
- Section: V4.3 GraphQL
- Source: 0x13-V4-API-and-Web-Service.md
Description
Verify that GraphQL introspection queries are disabled in the production environment unless the GraphQL API is meant to be used by other parties.