How this template works
APIs Selection
The API selection filters in this array use a regular expression to match URLs that contain the word "graphql". This ensures that only requests to GraphQL endpoints are selected for execution.
Execute request
The execute section specifies that a single request should be executed. The request includes two modifications. First, the URL is modified using a regular expression to replace any characters after "graphql" with just "graphql". This ensures that the request is sent to the correct GraphQL endpoint. Second, the request body is replaced with a GraphQL query that retrieves the name of the "__type" with the name "Query".
Validation
The validation section checks if the response payload contains both the "data" field and the "__type" field. This ensures that the GraphQL query was successful and the expected data is returned in the response.
Frequently asked questions
"The text editor in Akto is absolutely remarkable. Its user-friendly YAML format strikes the perfect balance between simplicity and power. With intuitive features like 'API selection filter', 'Execute', Validate' creating test rules becomes incredibly easy. Akto's test editor is a game-changer, enabling seamless creation of highly personalized and effective tests that could meet the needs of any modern day organization. "
Security team,
Rippling
Explore other tests
eSMTP - Config Discovery
Nginx - Git Configuration Exposure
Laravel - Sensitive Information Disclosure
Docker Container - Misconfiguration Exposure
Msmtp - Config Exposure
Parameters.yml - File Discovery
Mongo Express - Unauthenticated Access
Apache Airflow Configuration Exposure
Dockerrun AWS Configuration Exposure
Apache Config file disclosure
Appspec Yml Disclosure
CGI script environment variable
