Protocol: GraphQL Content Type
Identifier: graphql_content_type
Scanner(s) Support
| GraphQL Scanner | REST Scanner | WebApp Scanner |
|---|---|---|
Description
If the Content-Type header isn't explicitly set to the expected value, the response can be misinterpreted in dangerous ways. For example, if a GraphQL API returns something other than JSON while the client assumes it is valid JSON, there is room for content sniffing, which may allow attackers to execute malicious code or tamper with data. Developers sometimes overlook setting the proper headers because they assume defaults will work or that the response format isn't important, but this can cause the application to behave unpredictably, expose sensitive information, or even open the door to cross-site scripting if the browser guesses the content type incorrectly. It's a classic case of a small oversight leading to a bigger security issue if left unfixed.
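The check described above, written out as an added example (not the scanner's own code): a small response validator that confirms the Content-Type media type is one a GraphQL-over-HTTP response may use, that the body is actually a JSON GraphQL response object, and that X-Content-Type-Options: nosniff is present so a browser cannot sniff the body into something else. The accepted media types, the sniffing header check and the sample responses are assumptions made for this example.

```python
import json

# Media types a GraphQL-over-HTTP response may legitimately carry.
# application/graphql-response+json is the type from the GraphQL over HTTP
# specification; application/json is the long-standing default.
# (Assumption for this example: the scanner's own accepted list is not on the page.)
ACCEPTED_MEDIA_TYPES = {"application/json", "application/graphql-response+json"}


def parse_content_type(value):
    """Split a Content-Type header into (media_type, params), both lower-cased."""
    media, _, rest = value.partition(";")
    params = {}
    for part in rest.split(";"):
        key, _, val = part.strip().partition("=")
        if key:
            params[key.strip().lower()] = val.strip().strip('"').lower()
    return media.strip().lower(), params


def check_graphql_content_type(headers, body):
    """Return a list of findings for one HTTP response; an empty list means the response passes."""
    lowered = {k.lower(): v for k, v in headers.items()}
    findings = []

    content_type = lowered.get("content-type")
    if content_type is None:
        findings.append("Content-Type header is missing")
    else:
        media, params = parse_content_type(content_type)
        if media not in ACCEPTED_MEDIA_TYPES:
            findings.append(f"unexpected media type {media!r}")
        # A charset other than UTF-8 on a JSON body invites decoding mismatches.
        if params.get("charset", "utf-8") != "utf-8":
            findings.append(f"unexpected charset {params['charset']!r}")

    # Without nosniff a browser may still guess a different type from the body.
    if lowered.get("x-content-type-options", "").strip().lower() != "nosniff":
        findings.append("X-Content-Type-Options: nosniff is not set")

    # Regardless of the header, the body itself must be a GraphQL response object.
    try:
        doc = json.loads(body)
    except ValueError:
        findings.append("body is not valid JSON")
    else:
        if not isinstance(doc, dict) or not ({"data", "errors"} & doc.keys()):
            findings.append("body is JSON but not a GraphQL response object (no data/errors key)")
    return findings


# Constructed sample responses (not captured from any real API).
GOOD_RESPONSE = (
    {"Content-Type": "application/json; charset=utf-8", "X-Content-Type-Options": "nosniff"},
    '{"data": {"__typename": "Query"}}',
)
MISLABELLED_RESPONSE = (
    {"Content-Type": "text/html; charset=utf-8"},
    "<html><body>Internal error</body></html>",
)
MISSING_HEADER_RESPONSE = (
    {},
    '{"errors": [{"message": "Not authorised"}]}',
)


def scan_samples():
    """Run the check over the constructed samples and return {name: findings}."""
    return {
        "good": check_graphql_content_type(*GOOD_RESPONSE),
        "mislabelled": check_graphql_content_type(*MISLABELLED_RESPONSE),
        "missing_header": check_graphql_content_type(*MISSING_HEADER_RESPONSE),
    }


if __name__ == "__main__":
    for name, findings in scan_samples().items():
        print(name, "->", findings or "OK")
```

The mislabelled sample fails on three counts (wrong media type, no nosniff, non-JSON body), while the sample with no Content-Type at all is still a valid GraphQL JSON body, so it is flagged only for the missing header and the absent nosniff directive.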
References:
Configuration
Example
Example configuration:
Reference
assets_allowed

Type : List[AssetType]

List of assets that this check will cover.
skip

Type : boolean

Skip the test if true.