forked from bjornbytes/graphql-lua
-
Notifications
You must be signed in to change notification settings - Fork 3
Incorrect boolean validation #14
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Labels
bug
Something isn't working
Comments
olegrok
added a commit
that referenced
this issue
Jul 11, 2021
Graphql spec states: > Input Coercion When expected as an input type, only boolean input values are accepted. All other input values must raise a request error indicating an incorrect type. (https://spec.graphql.org/draft/#sec-Boolean) So we can't coerce string, numeric and enum values. And here we faced main issue - because graphql parser considered "False" and "True" as enum values (correct boolean values is "true" and "false"). And if user passed "False" value to boolean argument it silently converted to true. This patch check that passed node type is boolean and raises if it's not so. Closes #14
olegrok
added a commit
that referenced
this issue
Jul 13, 2021
Graphql spec states: > Input Coercion When expected as an input type, only boolean input values are accepted. All other input values must raise a request error indicating an incorrect type. (https://spec.graphql.org/draft/#sec-Boolean) So we can't coerce string, numeric and enum values. And here we faced main issue - because graphql parser considered "False" and "True" as enum values (correct boolean values is "true" and "false"). And if user passed "False" value to boolean argument it silently converted to true. This patch check that passed node type is boolean and raises if it's not so. Closes #14
It seems, it is the regression from 84e9cce. |
Totktonada
pushed a commit
that referenced
this issue
Sep 29, 2021
Graphql spec states: > Input Coercion When expected as an input type, only boolean input values are accepted. All other input values must raise a request error indicating an incorrect type. (https://spec.graphql.org/draft/#sec-Boolean) So we can't coerce string, numeric and enum values. And here we faced main issue - because graphql parser considered "False" and "True" as enum values (correct boolean values is "true" and "false"). And if user passed "False" value to boolean argument it silently converted to true. This patch check that passed node type is boolean and raises if it's not so. Closes #14
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Uh oh!
There was an error while loading. Please reload this page.
Imagine that we have argument of boolean type. We make a typo - write "False" instead of "false". Parser consider it as "enum", not boolean. Finally we don't have an error - after processing we have "true" boolean value.
From spec:
The text was updated successfully, but these errors were encountered: