Content Delivery API Security

Improved GraphQL Security

January 8th, 2024

Your sensitive information deserves the utmost protection, and we're excited to announce a significant update to address potential data exposure risks in DatoCMS projects.

The problem

Previously, if you had an API token with limited permissions and made a GraphQL introspection query to our Content Delivery API, you could inadvertently reveal sensitive project details beyond the token's scope. This vulnerability could expose private information such as model names, fields, and their interconnections.

To further illustrate the issue and the impact of the update, here's an example:

{
  blackFridayOffer {
    perOrderDiscount
  }
}

Let's say you have an API token that only has permissions to view the "blog articles" model in your DatoCMS project. Previously, when you made a GraphQL request for something inaccessible, the response simply showed a lack of data, but without explicitly hiding any related fields:

{
  "data": {
    "blackFridayOffer": null
  }
}

Sure, no data is spilling out, but the mere existence of the blackFridayOffer field in the project's schema is a subtle hint that there's some Black Friday intel lurking about, potentially even a per-order discount. That could be information you'd rather keep under wraps.

The Solution

As of today, all new DatoCMS projects implement a new behavior: if an API token can only access specific models, the GraphQL fields it cannot access are removed from the GraphQL schema entirely, so they appear neither in introspection results nor in query responses, eliminating this information exposure.

The same query would result in an error:

{
  "errors": [
    {
      "message": "Field 'blackFridayOffer' doesn't exist on type 'Query'",
      "path": [
        "query",
        "blackFridayOffer"
      ]
    }
  ]
}

By concealing the inaccessible field, the response no longer reveals any information about the Black Friday offer, safeguarding against potential data exposure risks.

Migrating Existing Projects

If you have an existing project that you'd like to update, you can easily do so from the "Available Updates" section of your environment configuration, as shown in this video:

We strongly recommend testing the effects in a sandbox environment before applying the change to your primary environment, as this update cannot be undone.
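As an added example (not DatoCMS code), here is a small audit script that checks what a limited token can see through introspection and classifies the response to an out-of-scope field as the legacy "null" shape or the new "field doesn't exist" error shown above, which is the check to run in a sandbox before migrating an existing project. The model field names, the sample responses, the public endpoint https://graphql.datocms.com/ and the X-Environment header are assumptions not taken from this page.

```javascript
// Added example, not DatoCMS code: checks what a limited Content Delivery API
// token reveals through GraphQL introspection, before and after the update.
// The field names and the sample responses are constructed for illustration.

// Lists every root field of the Query type (standard GraphQL introspection).
const INTROSPECTION_QUERY = "{ __schema { queryType { fields { name } } } }";

// Root fields a token limited to a single "article" model is expected to see.
// DatoCMS derives these from the model's API key; the exact set is an assumption.
const EXPECTED_FIELDS = new Set(["article", "allArticles", "_allArticlesMeta", "_site"]);

// Constructed pre-update introspection result: an out-of-scope field is listed.
const LEGACY_INTROSPECTION = { data: { __schema: { queryType: { fields: [
  { name: "article" }, { name: "allArticles" }, { name: "_allArticlesMeta" },
  { name: "blackFridayOffer" }, { name: "_site" },
] } } } };

// Constructed post-update result: only in-scope fields remain in the schema.
const HARDENED_INTROSPECTION = { data: { __schema: { queryType: { fields: [
  { name: "article" }, { name: "allArticles" }, { name: "_allArticlesMeta" }, { name: "_site" },
] } } } };

// Returns root field names the token should not be able to see at all.
function leakedFields(introspection, expected) {
  const fields = introspection?.data?.__schema?.queryType?.fields ?? [];
  return fields.map((f) => f.name).filter((name) => !expected.has(name));
}

// Classifies the response to a query for one out-of-scope root field:
// "hidden"  -> post-update behaviour, field absent from the schema (GraphQL error)
// "nulled"  -> legacy behaviour, field exists in the schema but resolves to null
// "exposed" -> the field returned data, i.e. the token is broader than intended
function classifyFieldResponse(response, field) {
  const hiddenMessage = `Field '${field}' doesn't exist on type 'Query'`;
  if (response.errors?.some((e) => e.message === hiddenMessage)) return "hidden";
  if (response.data && field in response.data && response.data[field] === null) return "nulled";
  return "exposed";
}

// Runs the introspection query against a project with the given token.
// Needs network access, so it is not exercised here. Pass an environment name
// to inspect a sandbox before migrating the primary environment (assumed header).
async function fetchIntrospection(token, environment, endpoint = "https://graphql.datocms.com/") {
  const headers = { Authorization: `Bearer ${token}`, "Content-Type": "application/json" };
  if (environment) headers["X-Environment"] = environment;
  const res = await fetch(endpoint, { method: "POST", headers, body: JSON.stringify({ query: INTROSPECTION_QUERY }) });
  return res.json();
}
```

Run `fetchIntrospection` once against the sandbox and once against the primary environment, then feed both results to `leakedFields`; an empty list for the sandbox confirms the update hides everything the token cannot access.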

support@datocms.com ©2024 Dato srl, all rights reserved P.IVA 06969620480