JSPM

  • ESM via JSPM
  • ES Module Entrypoint
  • Export Map
  • Keywords
  • License
  • Repository URL
  • TypeScript Types
  • README
  • Created
  • Published
  • Downloads 1094370
  • Score
    100M100P100Q210504F
  • License MIT

GraphQL IDE for better development workflows (GraphQL Subscriptions, interactive docs & collaboration).

Package Exports

  • @apollographql/graphql-playground-html

This package does not declare an exports field, so the exports above have been automatically detected and optimized by JSPM instead. If any package subpath is missing, it is recommended to post an issue to the original package (@apollographql/graphql-playground-html) to support the "exports" field. If that is not possible, create a JSPM override to customize the exports field for this package.

Readme

@apollographql/graphql-playground-html

NOTE: This is a fork of graphql-playground-html which is meant to be used by Apollo Server and only by Apollo Server. It is not intended to be used directly. Those looking to use GraphQL Playground directly can refer to the upstream repository for usage instructions.

SECURITY WARNING: Via the upstream fork, this package had a severe XSS Reflection attack vulnerability until version 1.6.25 of this package. While we have published a fix, users were only affected if they were using @apollographql/graphql-playground-html directly as their own custom middleware. The direct usage of this package was never recommended as it provided no advantage over the upstream package in that regard. Users of Apollo Server who leverage this package automatically by the dependency declared within Apollo Sever were not affected since Apollo Server never provided dynamic facilities to customize playground options per request. Users of Apollo Server would have had to statically embedded very explicit vulnerabilities (e.g., using malicious, unescaped code, <script> tags, etc.).