Expecting GraphQL to handle security is really one of the poorest ways of doing security, as GQL is not designed to do that.
Sorry, I made a typo:
Request can be tampered with so there's *NO additional security from GraphQL protocol.
alt Hacker News
Sorry, I made a typo:
Request can be tampered with so there's *NO additional security from GraphQL protocol.