Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

feat: support ApolloSandbox playground #2581

Merged

Conversation

ergofriend
Copy link
Contributor

I would like to add ApolloSandbox to the Playground options, similar to #2437

Apollo Sandbox: an open GraphQL IDE for local development - Apollo GraphQL Blog

ApolloSandbox includes developer-friendly features such as useful browsing of schema documentation, easy building queries, and sharing of queries in specific cases for debug.

new ApolloSandboxHandler

http.Handle("/", playground.ApolloSandboxHandler("GraphQL playground", "/query"))

"title": title,
"endpoint": endpoint,
"endpointIsAbsolute": endpointHasScheme(endpoint),
"mainSRI": "sha256-/E4VNgAWFmbNLyXACSYoqsDAj68jC1sCMSQ0cDjf4YM=",
Copy link
Collaborator

@StevenACoffman StevenACoffman Mar 10, 2023

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Can you point to the documentation for where this mainSRI comes from? Is this something that needs to be updated along with the JS CDN link?

I think it is a Subresource Integrity check, but I don't know where you found this one. Is it listed on Apollo's CDN or documentation somewhere associated with this release?

Perhaps you took the JS URL and ran it through https://www.srihash.org/ with sha256 selected?

Or maybe downloaded that script locally and did:

cat FILENAME.js | openssl dgst -sha256 -binary | openssl base64 -A

Or

shasum -b -a 256 FILENAME.js | awk '{ print $1 }' | xxd -r -p | base64

Copy link
Contributor Author

@ergofriend ergofriend Mar 11, 2023

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Can you point to the documentation for where this mainSRI comes from?

Yes, I followed the MDN documentation Subresource Integrity - Web security | MDN to get the hash value locally because I figured I needed to specify the RSI from another Handler implementation.

<script rel="preload" as="script" type="text/javascript" crossorigin="anonymous" integrity="{{.mainSRI}}" src="main.js"></script>

I dit it.

CDN_FILE=https://embeddable-sandbox.cdn.apollographql.com/58165cf7452dbad480c7cb85e7acba085b3bac1d/embeddable-sandbox.umd.production.min.js
curl -s $CDN_FILE | openssl dgst -sha256 -binary | openssl base64 -A; echo

If subresource integrity is not required, it may be more convenient to always specify the most latest resource.

Copy link
Contributor Author

@ergofriend ergofriend Mar 11, 2023

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Is this something that needs to be updated along with the JS CDN link?

Yes, because the version is fixed by the commit hash. The integrity hash must be recomputed each time the version is bumped.
Of course, if use the latest resources, you don't have to deal with this.

@coveralls
Copy link

coveralls commented Mar 10, 2023

Coverage Status

Coverage: 78.675% (-0.2%) from 78.825% when pulling 6c2cc7d on ergofriend:add-apollo-sandbox-handler into 0bbc7f8 on 99designs:master.

new window.EmbeddedSandbox({
target: '#embedded-sandbox',
initialEndpoint: url,
persistExplorerState: true,

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I think it is necessary to enable includeCookies and disable pollForSchemaUpdates in initialState to make the playground work the same as the others

Copy link
Collaborator

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

It would also be nice to have a link to the options documentation like https://www.apollographql.com/docs/graphos/explorer/sandbox/#initialendpoint (or possibly somewhere else)

Copy link
Contributor Author

@ergofriend ergofriend Mar 11, 2023

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Thanks, I will fix initial value and comment the description.

  • add initialState to be same behavior as others 796dacc
  • add docs link of configuration values 6c2cc7d

@StevenACoffman StevenACoffman merged commit 622039c into 99designs:master Mar 11, 2023
@StevenACoffman
Copy link
Collaborator

Thanks for this contribution!

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

4 participants