|
| 1 | +# GraphQL-over-HTTP WG - 25th January 2024 |
| 2 | + |
| 3 | +**Watch the replay**: |
| 4 | +https://www.youtube.com/watch?v=nHSixplvCc0&list=PLP1igyLx8foEz9127xc0SsabIrbTMt9g5 |
| 5 | + |
| 6 | +Agenda: |
| 7 | +[https://github.com/graphql/graphql-over-http/blob/main/working-group/agendas/2024//07-Jul//25-graphql-over-http-wg-july-2024.md](https://github.com/graphql/graphql-over-http/blob/main/working-group/agendas/2024//07-Jul//25-graphql-over-http-wg-july-2024.md) |
| 8 | + |
| 9 | +- Action item: Talking to Apollo about persisted operations |
| 10 | + - Jovi: Biggest issue were the set identifiers |
| 11 | + - Jovi: They were also keen on moving away from extensions |
| 12 | +- Persisted operations identifier syntax (Martin) |
| 13 | + - Martin: Persisted documents, commented on the PR from Benjie for a formal |
| 14 | + syntax for the operation identifiers |
| 15 | + - Martin: follow-up PR |
| 16 | + [https://github.com/graphql/graphql-over-http/pull/296](https://github.com/graphql/graphql-over-http/pull/296) |
| 17 | + - Martin: Big question, should we restrict the characters to alphanumeric,...? |
| 18 | + - Martin: started with allowing everything, after a comment from Benjie |
| 19 | + restricted it more. |
| 20 | + - Martin: It’s always easier to relax rather than restrict the syntax |
| 21 | + - Martin: currently it’s restrictive allowing for URL-safe base64, checksums |
| 22 | + and guid |
| 23 | + - Martin: Does anyone need something else that is not captured in the PR? |
| 24 | + - Shane: Why forego an existing spec, i.e. using a smiley face in wikipedia |
| 25 | + encodes well as well |
| 26 | + - Benjie: as Martin said, it’s easier to relax than restrict - if there’s no |
| 27 | + solid use case for enabling additional characters we shouldn’t do so. |
| 28 | + - Benjie: the only missing one is allowing additional colons |
| 29 | + - Benjie: point to the RFC as copied it, non-normative |
| 30 | + - Benjie: I am in favor of this proposal |
| 31 | +- Persisted operations |
| 32 | + - Benjie: A change to /graphql/<hash>/<operation-name> |
| 33 | + - Benjie: traditional tooling can understand the format more |
| 34 | + - Benjie: the sub-path solution would solve a lot of the common grievances |
| 35 | + with GraphQL like easier debugging,... |
| 36 | + - Jovi: we would need to highlight how to handle variables when i.e. URL gets |
| 37 | + too long |
| 38 | + - David: we have to ensure that clients that don’t go out of spec |
| 39 | + - David: I don’t love the concept of documentId in the JSON body |
| 40 | +- Advancing the spec |
| 41 | + - Benjie: base spec excluding persisted operations is basically done and what |
| 42 | + everyone does anyway |
| 43 | + - Benjie: we should address security concerns, we have to be sensible as we |
| 44 | + don’t want to repeat the whole HTTP spec |
| 45 | + - Jovi: looking at prior art like gRPC they mention building on the HTTP/TLS |
| 46 | + spec |
| 47 | + - Shane: Things to explicitly note, Nature of GET vs POST and CORS |
| 48 | + - Samuel: being strict about content-type/… |
| 49 | + - Benjie: Good point, by saying that they _may_ use other encodings is |
| 50 | + stopping ourselves from using them in the future. Worth passing by Dennis |
| 51 | + - Benjie: There are a few encodings that I have used that aren’t in the spec |
0 commit comments