Obfuscate response of apollo server lambda

I am deploying an app with apollo-server-lambda, and what I want to do is to hide data structure by obfuscating it. So my question is can someone point me to how I can mangle with response of apollo-server-lambda and modify content type to text and do something like base64 encoding on response body.

1 Like

You would probably have the best luck making a custom service for that calls your lambda, as according to the GraphQL spec, GraphQL does not base64 encode the response. In fact, I’m pretty sure according to spec anything other than the exact GraphQL spec’s contract is explicitly disallowed.

Trying to make a GraphQL framework accommodate something that is likely not a supported GraphQL use case is going to be a lot more difficult than just making your own service on top of your GraphQL server which modifies the response as you’d like.

To address the elephant in the room, I’m not really sure why you’d want to obfuscate the response in the first place.

If you’re using TLS, the traffic is encrypted. If you’re using mTLS, that’s both encrypted and effectively locked-down.

If I was a gray or black hat, and I encountered a response that’s not a plain response, but still utf-8 or ascii, I would run it through a base64 decode as step #1 of my poking and prodding.

If you’re really that desperate to prevent prying eyes, a simple basic auth header known only to you and the other party(ies), would be better than just base64 encoding.