Strapi should support GraphQL queries over GET requests
Daniele Orlando
In Strapi 4, GraphQL queries sent over HTTP GET requests receive a Forbidden Access error.
Everything works as expected running the same queries over POST requests.
The GraphQL endpoint is /graphql and serves successfully POST queries/mutations and the Playground Web Interface.
I expect to be able to use GraphQL over HTTP GET as per standard.
The issue is related to this portion of code that skips the authentication logic:
Removing that block of code, the GET requests work as expected and the Playground is still reachable on the same endpoint.
john munchkin arkema
Currently setting up Strapi V4 as our CMS with Shopify Hydrogen (remix.run). We are trying to configure the ApolloServer to work with CDNs.
Part of the ApolloServer configuration allows for "Automatic persisted queries" over GET requests to work with most CDNs.
When the option,
useGETForHashedQueries: true
is set on the frontend we get the same error Daniele mentioned in the Github issue, "Forbidden Access".https://www.apollographql.com/docs/apollo-server/performance/apq/#using-get-requests-with-apq-on-a-cdn