53b323640f
In order to prevent SQL injections and , reveal information about the database tables avoid passing MySQL functions as GQL sorting parameters, I refactored the FormatSQL() function. Additionally, the old approach with using regex to filter the orderBy parameter was not effective and prevented using column.table annotations. |
||
---|---|---|
.. | ||
auth | ||
models | ||
notification | ||
resolvers | ||
directive.go | ||
generated.go | ||
schema.graphql |