Escape-Technologies / graphql-armor

🛡️ The missing GraphQL security security layer for Apollo GraphQL and Yoga / Envelop servers 🛡️
https://escape.tech/graphql-armor/docs/getting-started
MIT License
498 stars 30 forks source link

`@escape.tech/graphql-armor-block-field-suggestions` leaves an extra `?` after masked suggestion #729

Open kallja opened 7 hours ago

kallja commented 7 hours ago

The @escape.tech/graphql-armor-block-field-suggestions package does what it promises. However, when masking suggestions, it leaves the leading whitespace and trailing question mark in place. I.E. the original unmasked message Cannot query field "i" on type "Node". Did you mean "id"? becomes Cannot query field "i" on type "Node". [Suggestion hidden]? without overriding the default mask. When mask is overridden with the empty string the result message is Cannot query field "i" on type "Node". ?.

I'd expect outputs of:

kallja commented 7 hours ago

If you're open to including this change (IMO an improvement, obviously), I'd be happy to contribute a PR implementing it.

nullswan commented 7 hours ago

Sure! Looking forward the contribution @kallja :)