Maximum allowed coordinate cycle depth was exceeded #8215
Comments
|
Thanks for reaching out! A couple of quick notes:
📏 MaxAllowedFieldCycleDepthRuleBy default, Hot Chocolate enforces a cycle depth limit of 3 to prevent malicious or overly complex queries. This limit is applied globally unless configured otherwise. You can override this behavior by removing the default rule and configuring a custom one: builder
.AddGraphQLServer()
.RemoveMaxAllowedFieldCycleDepthRule()
.AddMaxAllowedFieldCycleDepthRule(defaultCycleLimit: 6);If you want finer control, you can set a global default and define custom limits per coordinate like so: builder
.AddGraphQLServer()
.RemoveMaxAllowedFieldCycleDepthRule()
.AddMaxAllowedFieldCycleDepthRule(
defaultCycleLimit: 3,
coordinateCycleLimits: [(new SchemaCoordinate("Human", "relatives"), 10)]);This configuration allows coordinate repetition of 3 in general, but for the specific field Human.relatives, it allows repetition up to 10 times. As a result, the following query would be allowed, even though it repeats {
humanById(id: 1) {
relatives {
relatives {
relatives {
relatives {
name
}
}
}
}
}
}If you have further questions, feel free to continue the conversation in Slack! 👍 |
|
@michaelstaib Thanks for your reply. You are on the spot. Actually, we were using version 14, and it appears its giving this. But the issue was not there in both version 13 and 15. |
|
It's also 15 but only when you run in production. |
Product
Hot Chocolate
Version
15.0
Link to minimal reproduction
N.A
Steps to reproduce
We are getting an error "Maximum allowed coordinate cycle depth was exceeded" as soon as deployed in Production Environment. However, the same works fine in Development environments.
Any idea about what could be the reason ?
What is expected?
It should have the same behaviour
What is actually happening?
as change on environment
Relevant log output
Additional context
No response
The text was updated successfully, but these errors were encountered: