Send minimized requests

doyensec / inql

InQL is a robust, open-source Burp Suite extension for advanced GraphQL testing, offering intuitive vulnerability detection, customizable scans, and seamless Burp integration.

https://doyensec.com/

Apache License 2.0

1.51k stars 156 forks source link

Send minimized requests #110

Open execveat opened 1 year ago

execveat commented 1 year ago

There should be an option (controlled through Settings window and enabled by default) to minimize GraphQL queries before sending them over the wire.

GraphQL ignores some characters:

most of the whitespace can be stripped out, apart from newlines that are signifying the end of the comment
all commas I think

There could be corner cases when minimization might prevent a particular attack, so it should be optional.