The reaction web app looks to be including the Content-Security-Policy HTTP response header in graphql responses. The value of this header is relatively huge compared to a typical header, around 4200 bytes. As this header is only meaningful to the browser for text/html responses, we should consider trying to omit it when sending application/json graphql responses. This would be a performance optimization around total payload size.
The reaction web app looks to be including the
Content-Security-PolicyHTTP response header in graphql responses. The value of this header is relatively huge compared to a typical header, around 4200 bytes. As this header is only meaningful to the browser fortext/htmlresponses, we should consider trying to omit it when sendingapplication/jsongraphql responses. This would be a performance optimization around total payload size.