Overview
Subscriptions are very different from normal Queries and Mutations. They use websockets instead of POST requests. This can also be a vector of attack, as possible leaks in message topics in a back-end implementation can often reveal sensitive information.
GraphQLer should be able to handle this as well, using context generated from the previous dependency-chain runs. For more resources:
Implementation requirements
This will require some additional features to be done on both the compiler / fuzzer side. Namely, looking for subscription types, and using web-sockets to send subscription payloads.
Testing
Look for possible open-source APIs that already have subscriptions implemented. If not, create a test for this and add it to the integration tests.
Overview
Subscriptions are very different from normal Queries and Mutations. They use websockets instead of POST requests. This can also be a vector of attack, as possible leaks in message topics in a back-end implementation can often reveal sensitive information.
GraphQLer should be able to handle this as well, using context generated from the previous dependency-chain runs. For more resources:
Implementation requirements
This will require some additional features to be done on both the compiler / fuzzer side. Namely, looking for subscription types, and using web-sockets to send subscription payloads.
Testing
Look for possible open-source APIs that already have subscriptions implemented. If not, create a test for this and add it to the integration tests.