Skip to main content

Content type

Description

The Content-Type header is not set to application/json. GraphQL APIs should always return a JSON response, according to the GraphQL specification.

Remediation

Ensure that the Content-Type header is set to application/json.

Configuration

Identifier: protocol/graphql_content_type

Examples

Ignore this check

{
"checks": {
"protocol/graphql_content_type": {
"skip": true
}
}
}

Score

  • Escape Severity: LOW

References