Update modules/ROOT/pages/aura-graphql/api-creation.adoc

LackOfMorals · Liam-Doodson · web-flow · commit d8b70c9a1dd4 · 2025-04-29T08:47:08.000+01:00
works for me

Co-authored-by: Liam-Doodson &lt;114480811+Liam-Doodson@users.noreply.github.com&gt;
diff --git a/modules/ROOT/pages/aura-graphql/api-creation.adoc b/modules/ROOT/pages/aura-graphql/api-creation.adoc
@@ -21,12 +21,12 @@ image::aura-graphql/create/details.png[]
 +
 [CAUTION]
 ====
-**Enable introspection** and **Enable field suggestions** are intended for development or testing environments.
-Do not enable them for production systems as the information they provide can be used by unknown actors from reverse-engineering your GraphQL schema and executing arbitrary operations.
+If you set **Enable introspection** and **Enable field suggestions** for production systems the information they provide can be used by malicious actors to reverse-engineer your GraphQL schema and execute arbitrary operations.
 
 **Enable introspection** allows you to query the schema and discover the available queries, mutations, subscriptions, types and fields in the GraphQL API.  
 
-**Enable field suggestions** provides suggestions that hint towards GraphQL typos. 
+**Enable field suggestions** provides suggestions that hint towards GraphQL typos.
+Even with just field suggestions enabled, it is possible for a malicious actor to discover your entire schema.
 ====
 +
 . Type definitions

Original file line number	Diff line number	Diff line change
`@@ -21,12 +21,12 @@ image::aura-graphql/create/details.png[]`
`21`	`21`	`+`
`22`	`22`	`[CAUTION]`
`23`	`23`	`====`
`24`		`-Enable introspection and Enable field suggestions are intended for development or testing environments.`
`25`		`-Do not enable them for production systems as the information they provide can be used by unknown actors from reverse-engineering your GraphQL schema and executing arbitrary operations.`
	`24`	`+If you set Enable introspection and Enable field suggestions for production systems the information they provide can be used by malicious actors to reverse-engineer your GraphQL schema and execute arbitrary operations.`
`26`	`25`
`27`	`26`	`Enable introspection allows you to query the schema and discover the available queries, mutations, subscriptions, types and fields in the GraphQL API.`
`28`	`27`
`29`		`-Enable field suggestions provides suggestions that hint towards GraphQL typos.`
	`28`	`+Enable field suggestions provides suggestions that hint towards GraphQL typos.`
	`29`	`+Even with just field suggestions enabled, it is possible for a malicious actor to discover your entire schema.`
`30`	`30`	`====`
`31`	`31`	`+`
`32`	`32`	`. Type definitions`