pull down to refresh
1200 sats \ 1 reply \ @anon 8 Dec 2023 \ parent \ on: wen HN parity? i was told there would be a lambo API. meta
Speaking of which, if you're really determined to use GraphQL as your API, please be ready to charge a few sats per API call. Because if not some moronic idiot is going to think it's funny to flood the site with compute-expensive calls.
Every site I know of that exposes a GraphQL API is eventually forced to either (a) put users through CAPTCHA-hell (b) do browser fingerprinting, usually via cloudflare, (c) some kind of real-world identity linkage like SMS verification, or (d) some combination of the above.
I would hate to see that happen to SN.
I probably can't convince you that exposing GraphQL to anonymous callers is a bad idea, so hopefully I can convince you to be ready with something less awful than (a)(b)(c)(d) when the inevitable result occurs.
Thanks again for creating this awesome site.
Speaking of which, if you're really determined to use GraphQL as your API, please be ready to charge a few sats per API call. Because if not some moronic idiot is going to think it's funny to flood the site with compute-expensive calls.
we've considered it. we're going to do it when it's needed :)
so enjoy the free ride as long as it's possible :)
I probably can't convince you that exposing GraphQL to anonymous callers is a bad idea, so hopefully I can convince you to be ready with something less awful than (a)(b)(c)(d) when the inevitable result occurs.
no, you can, you actually don't even have to because i already somewhat agree :)
we're aware that GraphQL is vulnerable to n+1 queries and some malicious actor ... not going to continue for hopefully obvious reasons :)