diff --git a/docs/interfaces/audits_common.AuditFail.md b/docs/interfaces/audits_common.AuditFail.md
index 1b810463..0824862e 100644
--- a/docs/interfaces/audits_common.AuditFail.md
+++ b/docs/interfaces/audits_common.AuditFail.md
@@ -17,6 +17,7 @@ is therefore not compliant.
- [name](audits_common.AuditFail.md#name)
- [reason](audits_common.AuditFail.md#reason)
+- [response](audits_common.AuditFail.md#response)
- [status](audits_common.AuditFail.md#status)
## Properties
@@ -33,6 +34,12 @@ ___
___
+### response
+
+• **response**: `Response`
+
+___
+
### status
• **status**: ``"warn"`` \| ``"error"``
diff --git a/implementations/apollo-server/README.md b/implementations/apollo-server/README.md
index b1a0b292..3871df62 100644
--- a/implementations/apollo-server/README.md
+++ b/implementations/apollo-server/README.md
@@ -63,108 +63,1072 @@ _* This report was auto-generated by graphql-http_
## Warnings
The server _SHOULD_ support these, but is not required.
-1. SHOULD assume application/json content-type when accept is missing
-```
-Status code 400 is not 200
-```
-2. MAY accept application/x-www-form-urlencoded formatted GET requests
-```
-Status code 400 is not 200
-```
-3. SHOULD use 200 status code with errors field on missing {query} parameter when accepting application/json
-```
-Status code 400 is not 200
-```
-4. SHOULD use 200 status code with errors field on object {query} parameter when accepting application/json
-```
-Status code 400 is not 200
-```
-5. SHOULD use 200 status code with errors field on number {query} parameter when accepting application/json
-```
-Status code 400 is not 200
-```
-6. SHOULD use 200 status code with errors field on boolean {query} parameter when accepting application/json
-```
-Status code 400 is not 200
-```
-7. SHOULD use 200 status code with errors field on array {query} parameter when accepting application/json
-```
-Status code 400 is not 200
-```
-8. SHOULD use 200 status code with errors field on object {operationName} parameter when accepting application/json
-```
-Status code 400 is not 200
-```
-9. SHOULD use 200 status code with errors field on number {operationName} parameter when accepting application/json
-```
-Status code 400 is not 200
-```
-10. SHOULD use 200 status code with errors field on boolean {operationName} parameter when accepting application/json
-```
-Status code 400 is not 200
-```
-11. SHOULD use 200 status code with errors field on array {operationName} parameter when accepting application/json
-```
-Status code 400 is not 200
-```
-12. SHOULD use 200 status code with errors field on string {variables} parameter when accepting application/json
-```
-Status code 400 is not 200
-```
-13. SHOULD use 200 status code with errors field on number {variables} parameter when accepting application/json
-```
-Status code 400 is not 200
-```
-14. SHOULD use 200 status code with errors field on boolean {variables} parameter when accepting application/json
-```
-Status code 400 is not 200
-```
-15. SHOULD use 200 status code with errors field on array {variables} parameter when accepting application/json
-```
-Status code 400 is not 200
-```
-16. MAY allow URL-encoded JSON string {variables} parameter in GETs when accepting application/graphql-response+json
-```
-Status code 400 is not 200
-```
-17. MAY allow URL-encoded JSON string {variables} parameter in GETs when accepting application/json
-```
-Status code 400 is not 200
-```
-18. SHOULD use 200 status code with errors field on string {extensions} parameter when accepting application/json
-```
-Status code 400 is not 200
-```
-19. SHOULD use 200 status code with errors field on number {extensions} parameter when accepting application/json
-```
-Status code 400 is not 200
-```
-20. SHOULD use 200 status code with errors field on boolean {extensions} parameter when accepting application/json
-```
-Status code 400 is not 200
-```
-21. SHOULD use 200 status code with errors field on array {extensions} parameter when accepting application/json
-```
-Status code 400 is not 200
-```
-22. SHOULD use 200 status code on JSON parsing failure when accepting application/json
-```
-Status code 400 is not 200
-```
-23. SHOULD use 200 status code if parameters are invalid when accepting application/json
-```
-Status code 400 is not 200
-```
-24. SHOULD use 200 status code on document parsing failure when accepting application/json
-```
-Status code 400 is not 200
-```
-25. SHOULD use 200 status code on document validation failure when accepting application/json
-```
-Status code 400 is not 200
-```
-26. SHOULD not contain the data entry on JSON parsing failure when accepting application/graphql-response+json
-```
-Response body is not valid JSON. Got "\n\n\n\nError\n\n\n
SyntaxError: Unexpected end of JSON input at JSON.parse (<anonymous>) at parse (/home/runner/work/graphql-http/graphql-http/node_modules/body-parser/lib/types/json.js:89:19) at /home/runner/work/graphql-http/graphql-http/node_modules/body-parser/lib/read.js:128:18 at AsyncResource.runInAsyncScope (node:async_hooks:204:9) at invokeCallback (/home/runner/work/graphql-http/graphql-http/node_modules/raw-body/index.js:231:16) at done (/home/runner/work/graphql-http/graphql-http/node_modules/raw-body/index.js:220:7) at IncomingMessage.onEnd (/home/runner/work/graphql-http/graphql-http/node_modules/raw-body/index.js:280:7) at IncomingMessage.emit (node:events:513:28) at endReadableNT (node:internal/streams/rea...
-```
+
+ 1. SHOULD assume application/json content-type when accept is missing
+
+
+ Response status code is not 200
+
+ ```json
+ {
+ "status": 400,
+ "statusText": "Bad Request",
+ "headers": {
+ "access-control-allow-origin": "*",
+ "connection": "close",
+ "content-length": "1461",
+ "content-type": "application/json; charset=utf-8",
+ "date": "Tue, 17 Jan 2023 22:26:59 GMT",
+ "etag": "W/\"5b5-gDRXf8j0lbjWbmQpeY60iENT2cI\"",
+ "x-powered-by": "Express"
+ },
+ "body": {
+ "errors": [
+ {
+ "message": "This operation has been blocked as a potential Cross-Site Request Forgery (CSRF). Please either specify a 'content-type' header (with a type that is not one of application/x-www-form-urlencoded, multipart/form-data, text/plain) or provide a non-empty value for one of the following headers: x-apollo-operation-name, apollo-require-preflight\n",
+ "extensions": {
+ "code": "BAD_REQUEST",
+ "stacktrace": [
+ "BadRequestError: This operation has been blocked as a potential Cross-Site Request Forgery (CSRF). Please either specify a 'content-type' header (with a type that is not one of application/x-www-form-urlencoded, multipart/form-data, text/plain) or provide a non-empty value for one of the following headers: x-apollo-operation-name, apollo-require-preflight",
+ "",
+ " at new GraphQLErrorWithCode (file:///home/runner/work/graphql-http/graphql-http/node_modules/@apollo/server/dist/esm/internalErrorClasses.js:7:9)",
+ " at new BadRequestError (file:///home/runner/work/graphql-http/graphql-http/node_modules/@apollo/server/dist/esm/internalErrorClasses.js:75:9)",
+ " at preventCsrf (file:///home/runner/work/graphql-http/graphql-http/node_modules/@apollo/server/dist/esm/preventCsrf.js:29:11)",
+ " at ApolloServer.executeHTTPGraphQLRequest (file:///home/runner/work/graphql-http/graphql-http/node_modules/@apollo/server/dist/esm/ApolloServer.js:478:17)",
+ " at process.processTicksAndRejections (node:internal/process/task_queues:95:5)"
+ ]
+ }
+ }
+ ]
+ }
+ }
+ ```
+
+
+ 2. MAY accept application/x-www-form-urlencoded formatted GET requests
+
+
+ Response status code is not 200
+
+ ```json
+ {
+ "status": 400,
+ "statusText": "Bad Request",
+ "headers": {
+ "access-control-allow-origin": "*",
+ "connection": "close",
+ "content-length": "1461",
+ "content-type": "application/json; charset=utf-8",
+ "date": "Tue, 17 Jan 2023 22:26:59 GMT",
+ "etag": "W/\"5b5-gDRXf8j0lbjWbmQpeY60iENT2cI\"",
+ "x-powered-by": "Express"
+ },
+ "body": {
+ "errors": [
+ {
+ "message": "This operation has been blocked as a potential Cross-Site Request Forgery (CSRF). Please either specify a 'content-type' header (with a type that is not one of application/x-www-form-urlencoded, multipart/form-data, text/plain) or provide a non-empty value for one of the following headers: x-apollo-operation-name, apollo-require-preflight\n",
+ "extensions": {
+ "code": "BAD_REQUEST",
+ "stacktrace": [
+ "BadRequestError: This operation has been blocked as a potential Cross-Site Request Forgery (CSRF). Please either specify a 'content-type' header (with a type that is not one of application/x-www-form-urlencoded, multipart/form-data, text/plain) or provide a non-empty value for one of the following headers: x-apollo-operation-name, apollo-require-preflight",
+ "",
+ " at new GraphQLErrorWithCode (file:///home/runner/work/graphql-http/graphql-http/node_modules/@apollo/server/dist/esm/internalErrorClasses.js:7:9)",
+ " at new BadRequestError (file:///home/runner/work/graphql-http/graphql-http/node_modules/@apollo/server/dist/esm/internalErrorClasses.js:75:9)",
+ " at preventCsrf (file:///home/runner/work/graphql-http/graphql-http/node_modules/@apollo/server/dist/esm/preventCsrf.js:29:11)",
+ " at ApolloServer.executeHTTPGraphQLRequest (file:///home/runner/work/graphql-http/graphql-http/node_modules/@apollo/server/dist/esm/ApolloServer.js:478:17)",
+ " at process.processTicksAndRejections (node:internal/process/task_queues:95:5)"
+ ]
+ }
+ }
+ ]
+ }
+ }
+ ```
+
+
+ 3. SHOULD use 200 status code with errors field on missing {query} parameter when accepting application/json
+
+
+ Response status code is not 200
+
+ ```json
+ {
+ "status": 400,
+ "statusText": "Bad Request",
+ "headers": {
+ "access-control-allow-origin": "*",
+ "cache-control": "no-store",
+ "connection": "close",
+ "content-length": "1416",
+ "content-type": "application/json; charset=utf-8",
+ "date": "Tue, 17 Jan 2023 22:26:59 GMT",
+ "etag": "W/\"588-sZ+sg/c+DRv3ORN3VlSdMHvZRkc\"",
+ "x-powered-by": "Express"
+ },
+ "body": {
+ "errors": [
+ {
+ "message": "GraphQL operations must contain a non-empty `query` or a `persistedQuery` extension.",
+ "extensions": {
+ "code": "BAD_REQUEST",
+ "stacktrace": [
+ "BadRequestError: GraphQL operations must contain a non-empty `query` or a `persistedQuery` extension.",
+ " at new GraphQLErrorWithCode (file:///home/runner/work/graphql-http/graphql-http/node_modules/@apollo/server/dist/esm/internalErrorClasses.js:7:9)",
+ " at new BadRequestError (file:///home/runner/work/graphql-http/graphql-http/node_modules/@apollo/server/dist/esm/internalErrorClasses.js:75:9)",
+ " at processGraphQLRequest (file:///home/runner/work/graphql-http/graphql-http/node_modules/@apollo/server/dist/esm/requestPipeline.js:68:13)",
+ " at process.processTicksAndRejections (node:internal/process/task_queues:95:5)",
+ " at async internalExecuteOperation (file:///home/runner/work/graphql-http/graphql-http/node_modules/@apollo/server/dist/esm/ApolloServer.js:585:16)",
+ " at async runHttpQuery (file:///home/runner/work/graphql-http/graphql-http/node_modules/@apollo/server/dist/esm/runHttpQuery.js:129:29)",
+ " at async runPotentiallyBatchedHttpQuery (file:///home/runner/work/graphql-http/graphql-http/node_modules/@apollo/server/dist/esm/httpBatching.js:34:16)",
+ " at async ApolloServer.executeHTTPGraphQLRequest (file:///home/runner/work/graphql-http/graphql-http/node_modules/@apollo/server/dist/esm/ApolloServer.js:496:20)"
+ ]
+ }
+ }
+ ]
+ }
+ }
+ ```
+
+
+ 4. SHOULD use 200 status code with errors field on object {query} parameter when accepting application/json
+
+
+ Response status code is not 200
+
+ ```json
+ {
+ "status": 400,
+ "statusText": "Bad Request",
+ "headers": {
+ "access-control-allow-origin": "*",
+ "connection": "close",
+ "content-length": "1144",
+ "content-type": "application/json; charset=utf-8",
+ "date": "Tue, 17 Jan 2023 22:26:59 GMT",
+ "etag": "W/\"478-8ij0f1w1MThNqXuYJcCeFgzpLvg\"",
+ "x-powered-by": "Express"
+ },
+ "body": {
+ "errors": [
+ {
+ "message": "GraphQL queries must be strings.",
+ "extensions": {
+ "code": "BAD_REQUEST",
+ "stacktrace": [
+ "BadRequestError: GraphQL queries must be strings.",
+ " at new GraphQLErrorWithCode (file:///home/runner/work/graphql-http/graphql-http/node_modules/@apollo/server/dist/esm/internalErrorClasses.js:7:9)",
+ " at new BadRequestError (file:///home/runner/work/graphql-http/graphql-http/node_modules/@apollo/server/dist/esm/internalErrorClasses.js:75:9)",
+ " at ensureQueryIsStringOrMissing (file:///home/runner/work/graphql-http/graphql-http/node_modules/@apollo/server/dist/esm/runHttpQuery.js:67:15)",
+ " at runHttpQuery (file:///home/runner/work/graphql-http/graphql-http/node_modules/@apollo/server/dist/esm/runHttpQuery.js:77:13)",
+ " at runPotentiallyBatchedHttpQuery (file:///home/runner/work/graphql-http/graphql-http/node_modules/@apollo/server/dist/esm/httpBatching.js:34:22)",
+ " at ApolloServer.executeHTTPGraphQLRequest (file:///home/runner/work/graphql-http/graphql-http/node_modules/@apollo/server/dist/esm/ApolloServer.js:496:26)",
+ " at process.processTicksAndRejections (node:internal/process/task_queues:95:5)"
+ ]
+ }
+ }
+ ]
+ }
+ }
+ ```
+
+
+ 5. SHOULD use 200 status code with errors field on number {query} parameter when accepting application/json
+
+
+ Response status code is not 200
+
+ ```json
+ {
+ "status": 400,
+ "statusText": "Bad Request",
+ "headers": {
+ "access-control-allow-origin": "*",
+ "cache-control": "no-store",
+ "connection": "close",
+ "content-length": "1416",
+ "content-type": "application/json; charset=utf-8",
+ "date": "Tue, 17 Jan 2023 22:26:59 GMT",
+ "etag": "W/\"588-sZ+sg/c+DRv3ORN3VlSdMHvZRkc\"",
+ "x-powered-by": "Express"
+ },
+ "body": {
+ "errors": [
+ {
+ "message": "GraphQL operations must contain a non-empty `query` or a `persistedQuery` extension.",
+ "extensions": {
+ "code": "BAD_REQUEST",
+ "stacktrace": [
+ "BadRequestError: GraphQL operations must contain a non-empty `query` or a `persistedQuery` extension.",
+ " at new GraphQLErrorWithCode (file:///home/runner/work/graphql-http/graphql-http/node_modules/@apollo/server/dist/esm/internalErrorClasses.js:7:9)",
+ " at new BadRequestError (file:///home/runner/work/graphql-http/graphql-http/node_modules/@apollo/server/dist/esm/internalErrorClasses.js:75:9)",
+ " at processGraphQLRequest (file:///home/runner/work/graphql-http/graphql-http/node_modules/@apollo/server/dist/esm/requestPipeline.js:68:13)",
+ " at process.processTicksAndRejections (node:internal/process/task_queues:95:5)",
+ " at async internalExecuteOperation (file:///home/runner/work/graphql-http/graphql-http/node_modules/@apollo/server/dist/esm/ApolloServer.js:585:16)",
+ " at async runHttpQuery (file:///home/runner/work/graphql-http/graphql-http/node_modules/@apollo/server/dist/esm/runHttpQuery.js:129:29)",
+ " at async runPotentiallyBatchedHttpQuery (file:///home/runner/work/graphql-http/graphql-http/node_modules/@apollo/server/dist/esm/httpBatching.js:34:16)",
+ " at async ApolloServer.executeHTTPGraphQLRequest (file:///home/runner/work/graphql-http/graphql-http/node_modules/@apollo/server/dist/esm/ApolloServer.js:496:20)"
+ ]
+ }
+ }
+ ]
+ }
+ }
+ ```
+
+
+ 6. SHOULD use 200 status code with errors field on boolean {query} parameter when accepting application/json
+
+
+ Response status code is not 200
+
+ ```json
+ {
+ "status": 400,
+ "statusText": "Bad Request",
+ "headers": {
+ "access-control-allow-origin": "*",
+ "cache-control": "no-store",
+ "connection": "close",
+ "content-length": "1416",
+ "content-type": "application/json; charset=utf-8",
+ "date": "Tue, 17 Jan 2023 22:26:59 GMT",
+ "etag": "W/\"588-sZ+sg/c+DRv3ORN3VlSdMHvZRkc\"",
+ "x-powered-by": "Express"
+ },
+ "body": {
+ "errors": [
+ {
+ "message": "GraphQL operations must contain a non-empty `query` or a `persistedQuery` extension.",
+ "extensions": {
+ "code": "BAD_REQUEST",
+ "stacktrace": [
+ "BadRequestError: GraphQL operations must contain a non-empty `query` or a `persistedQuery` extension.",
+ " at new GraphQLErrorWithCode (file:///home/runner/work/graphql-http/graphql-http/node_modules/@apollo/server/dist/esm/internalErrorClasses.js:7:9)",
+ " at new BadRequestError (file:///home/runner/work/graphql-http/graphql-http/node_modules/@apollo/server/dist/esm/internalErrorClasses.js:75:9)",
+ " at processGraphQLRequest (file:///home/runner/work/graphql-http/graphql-http/node_modules/@apollo/server/dist/esm/requestPipeline.js:68:13)",
+ " at process.processTicksAndRejections (node:internal/process/task_queues:95:5)",
+ " at async internalExecuteOperation (file:///home/runner/work/graphql-http/graphql-http/node_modules/@apollo/server/dist/esm/ApolloServer.js:585:16)",
+ " at async runHttpQuery (file:///home/runner/work/graphql-http/graphql-http/node_modules/@apollo/server/dist/esm/runHttpQuery.js:129:29)",
+ " at async runPotentiallyBatchedHttpQuery (file:///home/runner/work/graphql-http/graphql-http/node_modules/@apollo/server/dist/esm/httpBatching.js:34:16)",
+ " at async ApolloServer.executeHTTPGraphQLRequest (file:///home/runner/work/graphql-http/graphql-http/node_modules/@apollo/server/dist/esm/ApolloServer.js:496:20)"
+ ]
+ }
+ }
+ ]
+ }
+ }
+ ```
+
+
+ 7. SHOULD use 200 status code with errors field on array {query} parameter when accepting application/json
+
+
+ Response status code is not 200
+
+ ```json
+ {
+ "status": 400,
+ "statusText": "Bad Request",
+ "headers": {
+ "access-control-allow-origin": "*",
+ "connection": "close",
+ "content-length": "1144",
+ "content-type": "application/json; charset=utf-8",
+ "date": "Tue, 17 Jan 2023 22:26:59 GMT",
+ "etag": "W/\"478-8ij0f1w1MThNqXuYJcCeFgzpLvg\"",
+ "x-powered-by": "Express"
+ },
+ "body": {
+ "errors": [
+ {
+ "message": "GraphQL queries must be strings.",
+ "extensions": {
+ "code": "BAD_REQUEST",
+ "stacktrace": [
+ "BadRequestError: GraphQL queries must be strings.",
+ " at new GraphQLErrorWithCode (file:///home/runner/work/graphql-http/graphql-http/node_modules/@apollo/server/dist/esm/internalErrorClasses.js:7:9)",
+ " at new BadRequestError (file:///home/runner/work/graphql-http/graphql-http/node_modules/@apollo/server/dist/esm/internalErrorClasses.js:75:9)",
+ " at ensureQueryIsStringOrMissing (file:///home/runner/work/graphql-http/graphql-http/node_modules/@apollo/server/dist/esm/runHttpQuery.js:67:15)",
+ " at runHttpQuery (file:///home/runner/work/graphql-http/graphql-http/node_modules/@apollo/server/dist/esm/runHttpQuery.js:77:13)",
+ " at runPotentiallyBatchedHttpQuery (file:///home/runner/work/graphql-http/graphql-http/node_modules/@apollo/server/dist/esm/httpBatching.js:34:22)",
+ " at ApolloServer.executeHTTPGraphQLRequest (file:///home/runner/work/graphql-http/graphql-http/node_modules/@apollo/server/dist/esm/ApolloServer.js:496:26)",
+ " at process.processTicksAndRejections (node:internal/process/task_queues:95:5)"
+ ]
+ }
+ }
+ ]
+ }
+ }
+ ```
+
+
+ 8. SHOULD use 200 status code with errors field on object {operationName} parameter when accepting application/json
+
+
+ Response status code is not 200
+
+ ```json
+ {
+ "status": 400,
+ "statusText": "Bad Request",
+ "headers": {
+ "access-control-allow-origin": "*",
+ "connection": "close",
+ "content-length": "1050",
+ "content-type": "application/json; charset=utf-8",
+ "date": "Tue, 17 Jan 2023 22:26:59 GMT",
+ "etag": "W/\"41a-nyphxrE/ooK9c9ewfugL9Rqrh2Y\"",
+ "x-powered-by": "Express"
+ },
+ "body": {
+ "errors": [
+ {
+ "message": "`operationName` in a POST body must be a string if provided.",
+ "extensions": {
+ "code": "BAD_REQUEST",
+ "stacktrace": [
+ "BadRequestError: `operationName` in a POST body must be a string if provided.",
+ " at new GraphQLErrorWithCode (file:///home/runner/work/graphql-http/graphql-http/node_modules/@apollo/server/dist/esm/internalErrorClasses.js:7:9)",
+ " at new BadRequestError (file:///home/runner/work/graphql-http/graphql-http/node_modules/@apollo/server/dist/esm/internalErrorClasses.js:75:9)",
+ " at runHttpQuery (file:///home/runner/work/graphql-http/graphql-http/node_modules/@apollo/server/dist/esm/runHttpQuery.js:97:23)",
+ " at runPotentiallyBatchedHttpQuery (file:///home/runner/work/graphql-http/graphql-http/node_modules/@apollo/server/dist/esm/httpBatching.js:34:22)",
+ " at ApolloServer.executeHTTPGraphQLRequest (file:///home/runner/work/graphql-http/graphql-http/node_modules/@apollo/server/dist/esm/ApolloServer.js:496:26)",
+ " at process.processTicksAndRejections (node:internal/process/task_queues:95:5)"
+ ]
+ }
+ }
+ ]
+ }
+ }
+ ```
+
+
+ 9. SHOULD use 200 status code with errors field on number {operationName} parameter when accepting application/json
+
+
+ Response status code is not 200
+
+ ```json
+ {
+ "status": 400,
+ "statusText": "Bad Request",
+ "headers": {
+ "access-control-allow-origin": "*",
+ "connection": "close",
+ "content-length": "1050",
+ "content-type": "application/json; charset=utf-8",
+ "date": "Tue, 17 Jan 2023 22:26:59 GMT",
+ "etag": "W/\"41a-nyphxrE/ooK9c9ewfugL9Rqrh2Y\"",
+ "x-powered-by": "Express"
+ },
+ "body": {
+ "errors": [
+ {
+ "message": "`operationName` in a POST body must be a string if provided.",
+ "extensions": {
+ "code": "BAD_REQUEST",
+ "stacktrace": [
+ "BadRequestError: `operationName` in a POST body must be a string if provided.",
+ " at new GraphQLErrorWithCode (file:///home/runner/work/graphql-http/graphql-http/node_modules/@apollo/server/dist/esm/internalErrorClasses.js:7:9)",
+ " at new BadRequestError (file:///home/runner/work/graphql-http/graphql-http/node_modules/@apollo/server/dist/esm/internalErrorClasses.js:75:9)",
+ " at runHttpQuery (file:///home/runner/work/graphql-http/graphql-http/node_modules/@apollo/server/dist/esm/runHttpQuery.js:97:23)",
+ " at runPotentiallyBatchedHttpQuery (file:///home/runner/work/graphql-http/graphql-http/node_modules/@apollo/server/dist/esm/httpBatching.js:34:22)",
+ " at ApolloServer.executeHTTPGraphQLRequest (file:///home/runner/work/graphql-http/graphql-http/node_modules/@apollo/server/dist/esm/ApolloServer.js:496:26)",
+ " at process.processTicksAndRejections (node:internal/process/task_queues:95:5)"
+ ]
+ }
+ }
+ ]
+ }
+ }
+ ```
+
+
+ 10. SHOULD use 200 status code with errors field on boolean {operationName} parameter when accepting application/json
+
+
+ Response status code is not 200
+
+ ```json
+ {
+ "status": 400,
+ "statusText": "Bad Request",
+ "headers": {
+ "access-control-allow-origin": "*",
+ "connection": "close",
+ "content-length": "1050",
+ "content-type": "application/json; charset=utf-8",
+ "date": "Tue, 17 Jan 2023 22:26:59 GMT",
+ "etag": "W/\"41a-nyphxrE/ooK9c9ewfugL9Rqrh2Y\"",
+ "x-powered-by": "Express"
+ },
+ "body": {
+ "errors": [
+ {
+ "message": "`operationName` in a POST body must be a string if provided.",
+ "extensions": {
+ "code": "BAD_REQUEST",
+ "stacktrace": [
+ "BadRequestError: `operationName` in a POST body must be a string if provided.",
+ " at new GraphQLErrorWithCode (file:///home/runner/work/graphql-http/graphql-http/node_modules/@apollo/server/dist/esm/internalErrorClasses.js:7:9)",
+ " at new BadRequestError (file:///home/runner/work/graphql-http/graphql-http/node_modules/@apollo/server/dist/esm/internalErrorClasses.js:75:9)",
+ " at runHttpQuery (file:///home/runner/work/graphql-http/graphql-http/node_modules/@apollo/server/dist/esm/runHttpQuery.js:97:23)",
+ " at runPotentiallyBatchedHttpQuery (file:///home/runner/work/graphql-http/graphql-http/node_modules/@apollo/server/dist/esm/httpBatching.js:34:22)",
+ " at ApolloServer.executeHTTPGraphQLRequest (file:///home/runner/work/graphql-http/graphql-http/node_modules/@apollo/server/dist/esm/ApolloServer.js:496:26)",
+ " at process.processTicksAndRejections (node:internal/process/task_queues:95:5)"
+ ]
+ }
+ }
+ ]
+ }
+ }
+ ```
+
+
+ 11. SHOULD use 200 status code with errors field on array {operationName} parameter when accepting application/json
+
+
+ Response status code is not 200
+
+ ```json
+ {
+ "status": 400,
+ "statusText": "Bad Request",
+ "headers": {
+ "access-control-allow-origin": "*",
+ "connection": "close",
+ "content-length": "1050",
+ "content-type": "application/json; charset=utf-8",
+ "date": "Tue, 17 Jan 2023 22:26:59 GMT",
+ "etag": "W/\"41a-nyphxrE/ooK9c9ewfugL9Rqrh2Y\"",
+ "x-powered-by": "Express"
+ },
+ "body": {
+ "errors": [
+ {
+ "message": "`operationName` in a POST body must be a string if provided.",
+ "extensions": {
+ "code": "BAD_REQUEST",
+ "stacktrace": [
+ "BadRequestError: `operationName` in a POST body must be a string if provided.",
+ " at new GraphQLErrorWithCode (file:///home/runner/work/graphql-http/graphql-http/node_modules/@apollo/server/dist/esm/internalErrorClasses.js:7:9)",
+ " at new BadRequestError (file:///home/runner/work/graphql-http/graphql-http/node_modules/@apollo/server/dist/esm/internalErrorClasses.js:75:9)",
+ " at runHttpQuery (file:///home/runner/work/graphql-http/graphql-http/node_modules/@apollo/server/dist/esm/runHttpQuery.js:97:23)",
+ " at runPotentiallyBatchedHttpQuery (file:///home/runner/work/graphql-http/graphql-http/node_modules/@apollo/server/dist/esm/httpBatching.js:34:22)",
+ " at ApolloServer.executeHTTPGraphQLRequest (file:///home/runner/work/graphql-http/graphql-http/node_modules/@apollo/server/dist/esm/ApolloServer.js:496:26)",
+ " at process.processTicksAndRejections (node:internal/process/task_queues:95:5)"
+ ]
+ }
+ }
+ ]
+ }
+ }
+ ```
+
+
+ 12. SHOULD use 200 status code with errors field on string {variables} parameter when accepting application/json
+
+
+ Response status code is not 200
+
+ ```json
+ {
+ "status": 400,
+ "statusText": "Bad Request",
+ "headers": {
+ "access-control-allow-origin": "*",
+ "connection": "close",
+ "content-length": "1126",
+ "content-type": "application/json; charset=utf-8",
+ "date": "Tue, 17 Jan 2023 22:26:59 GMT",
+ "etag": "W/\"466-OpPmHAsn4oM5zvBonndNbzxWo1s\"",
+ "x-powered-by": "Express"
+ },
+ "body": {
+ "errors": [
+ {
+ "message": "`variables` in a POST body should be provided as an object, not a recursively JSON-encoded string.",
+ "extensions": {
+ "code": "BAD_REQUEST",
+ "stacktrace": [
+ "BadRequestError: `variables` in a POST body should be provided as an object, not a recursively JSON-encoded string.",
+ " at new GraphQLErrorWithCode (file:///home/runner/work/graphql-http/graphql-http/node_modules/@apollo/server/dist/esm/internalErrorClasses.js:7:9)",
+ " at new BadRequestError (file:///home/runner/work/graphql-http/graphql-http/node_modules/@apollo/server/dist/esm/internalErrorClasses.js:75:9)",
+ " at runHttpQuery (file:///home/runner/work/graphql-http/graphql-http/node_modules/@apollo/server/dist/esm/runHttpQuery.js:79:23)",
+ " at runPotentiallyBatchedHttpQuery (file:///home/runner/work/graphql-http/graphql-http/node_modules/@apollo/server/dist/esm/httpBatching.js:34:22)",
+ " at ApolloServer.executeHTTPGraphQLRequest (file:///home/runner/work/graphql-http/graphql-http/node_modules/@apollo/server/dist/esm/ApolloServer.js:496:26)",
+ " at process.processTicksAndRejections (node:internal/process/task_queues:95:5)"
+ ]
+ }
+ }
+ ]
+ }
+ }
+ ```
+
+
+ 13. SHOULD use 200 status code with errors field on number {variables} parameter when accepting application/json
+
+
+ Response status code is not 200
+
+ ```json
+ {
+ "status": 400,
+ "statusText": "Bad Request",
+ "headers": {
+ "access-control-allow-origin": "*",
+ "connection": "close",
+ "content-length": "1044",
+ "content-type": "application/json; charset=utf-8",
+ "date": "Tue, 17 Jan 2023 22:26:59 GMT",
+ "etag": "W/\"414-E6rr7b7CJtPuHGippFX8oDrojxw\"",
+ "x-powered-by": "Express"
+ },
+ "body": {
+ "errors": [
+ {
+ "message": "`variables` in a POST body must be an object if provided.",
+ "extensions": {
+ "code": "BAD_REQUEST",
+ "stacktrace": [
+ "BadRequestError: `variables` in a POST body must be an object if provided.",
+ " at new GraphQLErrorWithCode (file:///home/runner/work/graphql-http/graphql-http/node_modules/@apollo/server/dist/esm/internalErrorClasses.js:7:9)",
+ " at new BadRequestError (file:///home/runner/work/graphql-http/graphql-http/node_modules/@apollo/server/dist/esm/internalErrorClasses.js:75:9)",
+ " at runHttpQuery (file:///home/runner/work/graphql-http/graphql-http/node_modules/@apollo/server/dist/esm/runHttpQuery.js:92:23)",
+ " at runPotentiallyBatchedHttpQuery (file:///home/runner/work/graphql-http/graphql-http/node_modules/@apollo/server/dist/esm/httpBatching.js:34:22)",
+ " at ApolloServer.executeHTTPGraphQLRequest (file:///home/runner/work/graphql-http/graphql-http/node_modules/@apollo/server/dist/esm/ApolloServer.js:496:26)",
+ " at process.processTicksAndRejections (node:internal/process/task_queues:95:5)"
+ ]
+ }
+ }
+ ]
+ }
+ }
+ ```
+
+
+ 14. SHOULD use 200 status code with errors field on boolean {variables} parameter when accepting application/json
+
+
+ Response status code is not 200
+
+ ```json
+ {
+ "status": 400,
+ "statusText": "Bad Request",
+ "headers": {
+ "access-control-allow-origin": "*",
+ "connection": "close",
+ "content-length": "1044",
+ "content-type": "application/json; charset=utf-8",
+ "date": "Tue, 17 Jan 2023 22:26:59 GMT",
+ "etag": "W/\"414-E6rr7b7CJtPuHGippFX8oDrojxw\"",
+ "x-powered-by": "Express"
+ },
+ "body": {
+ "errors": [
+ {
+ "message": "`variables` in a POST body must be an object if provided.",
+ "extensions": {
+ "code": "BAD_REQUEST",
+ "stacktrace": [
+ "BadRequestError: `variables` in a POST body must be an object if provided.",
+ " at new GraphQLErrorWithCode (file:///home/runner/work/graphql-http/graphql-http/node_modules/@apollo/server/dist/esm/internalErrorClasses.js:7:9)",
+ " at new BadRequestError (file:///home/runner/work/graphql-http/graphql-http/node_modules/@apollo/server/dist/esm/internalErrorClasses.js:75:9)",
+ " at runHttpQuery (file:///home/runner/work/graphql-http/graphql-http/node_modules/@apollo/server/dist/esm/runHttpQuery.js:92:23)",
+ " at runPotentiallyBatchedHttpQuery (file:///home/runner/work/graphql-http/graphql-http/node_modules/@apollo/server/dist/esm/httpBatching.js:34:22)",
+ " at ApolloServer.executeHTTPGraphQLRequest (file:///home/runner/work/graphql-http/graphql-http/node_modules/@apollo/server/dist/esm/ApolloServer.js:496:26)",
+ " at process.processTicksAndRejections (node:internal/process/task_queues:95:5)"
+ ]
+ }
+ }
+ ]
+ }
+ }
+ ```
+
+
+ 15. SHOULD use 200 status code with errors field on array {variables} parameter when accepting application/json
+
+
+ Response status code is not 200
+
+ ```json
+ {
+ "status": 400,
+ "statusText": "Bad Request",
+ "headers": {
+ "access-control-allow-origin": "*",
+ "connection": "close",
+ "content-length": "1044",
+ "content-type": "application/json; charset=utf-8",
+ "date": "Tue, 17 Jan 2023 22:26:59 GMT",
+ "etag": "W/\"414-E6rr7b7CJtPuHGippFX8oDrojxw\"",
+ "x-powered-by": "Express"
+ },
+ "body": {
+ "errors": [
+ {
+ "message": "`variables` in a POST body must be an object if provided.",
+ "extensions": {
+ "code": "BAD_REQUEST",
+ "stacktrace": [
+ "BadRequestError: `variables` in a POST body must be an object if provided.",
+ " at new GraphQLErrorWithCode (file:///home/runner/work/graphql-http/graphql-http/node_modules/@apollo/server/dist/esm/internalErrorClasses.js:7:9)",
+ " at new BadRequestError (file:///home/runner/work/graphql-http/graphql-http/node_modules/@apollo/server/dist/esm/internalErrorClasses.js:75:9)",
+ " at runHttpQuery (file:///home/runner/work/graphql-http/graphql-http/node_modules/@apollo/server/dist/esm/runHttpQuery.js:92:23)",
+ " at runPotentiallyBatchedHttpQuery (file:///home/runner/work/graphql-http/graphql-http/node_modules/@apollo/server/dist/esm/httpBatching.js:34:22)",
+ " at ApolloServer.executeHTTPGraphQLRequest (file:///home/runner/work/graphql-http/graphql-http/node_modules/@apollo/server/dist/esm/ApolloServer.js:496:26)",
+ " at process.processTicksAndRejections (node:internal/process/task_queues:95:5)"
+ ]
+ }
+ }
+ ]
+ }
+ }
+ ```
+
+
+ 16. MAY allow URL-encoded JSON string {variables} parameter in GETs when accepting application/graphql-response+json
+
+
+ Response status code is not 200
+
+ ```json
+ {
+ "status": 400,
+ "statusText": "Bad Request",
+ "headers": {
+ "access-control-allow-origin": "*",
+ "connection": "close",
+ "content-length": "1461",
+ "content-type": "application/graphql-response+json; charset=utf-8",
+ "date": "Tue, 17 Jan 2023 22:26:59 GMT",
+ "etag": "W/\"5b5-gDRXf8j0lbjWbmQpeY60iENT2cI\"",
+ "x-powered-by": "Express"
+ },
+ "body": {
+ "errors": [
+ {
+ "message": "This operation has been blocked as a potential Cross-Site Request Forgery (CSRF). Please either specify a 'content-type' header (with a type that is not one of application/x-www-form-urlencoded, multipart/form-data, text/plain) or provide a non-empty value for one of the following headers: x-apollo-operation-name, apollo-require-preflight\n",
+ "extensions": {
+ "code": "BAD_REQUEST",
+ "stacktrace": [
+ "BadRequestError: This operation has been blocked as a potential Cross-Site Request Forgery (CSRF). Please either specify a 'content-type' header (with a type that is not one of application/x-www-form-urlencoded, multipart/form-data, text/plain) or provide a non-empty value for one of the following headers: x-apollo-operation-name, apollo-require-preflight",
+ "",
+ " at new GraphQLErrorWithCode (file:///home/runner/work/graphql-http/graphql-http/node_modules/@apollo/server/dist/esm/internalErrorClasses.js:7:9)",
+ " at new BadRequestError (file:///home/runner/work/graphql-http/graphql-http/node_modules/@apollo/server/dist/esm/internalErrorClasses.js:75:9)",
+ " at preventCsrf (file:///home/runner/work/graphql-http/graphql-http/node_modules/@apollo/server/dist/esm/preventCsrf.js:29:11)",
+ " at ApolloServer.executeHTTPGraphQLRequest (file:///home/runner/work/graphql-http/graphql-http/node_modules/@apollo/server/dist/esm/ApolloServer.js:478:17)",
+ " at process.processTicksAndRejections (node:internal/process/task_queues:95:5)"
+ ]
+ }
+ }
+ ]
+ }
+ }
+ ```
+
+
+ 17. MAY allow URL-encoded JSON string {variables} parameter in GETs when accepting application/json
+
+
+ Response status code is not 200
+
+ ```json
+ {
+ "status": 400,
+ "statusText": "Bad Request",
+ "headers": {
+ "access-control-allow-origin": "*",
+ "connection": "close",
+ "content-length": "1461",
+ "content-type": "application/json; charset=utf-8",
+ "date": "Tue, 17 Jan 2023 22:26:59 GMT",
+ "etag": "W/\"5b5-gDRXf8j0lbjWbmQpeY60iENT2cI\"",
+ "x-powered-by": "Express"
+ },
+ "body": {
+ "errors": [
+ {
+ "message": "This operation has been blocked as a potential Cross-Site Request Forgery (CSRF). Please either specify a 'content-type' header (with a type that is not one of application/x-www-form-urlencoded, multipart/form-data, text/plain) or provide a non-empty value for one of the following headers: x-apollo-operation-name, apollo-require-preflight\n",
+ "extensions": {
+ "code": "BAD_REQUEST",
+ "stacktrace": [
+ "BadRequestError: This operation has been blocked as a potential Cross-Site Request Forgery (CSRF). Please either specify a 'content-type' header (with a type that is not one of application/x-www-form-urlencoded, multipart/form-data, text/plain) or provide a non-empty value for one of the following headers: x-apollo-operation-name, apollo-require-preflight",
+ "",
+ " at new GraphQLErrorWithCode (file:///home/runner/work/graphql-http/graphql-http/node_modules/@apollo/server/dist/esm/internalErrorClasses.js:7:9)",
+ " at new BadRequestError (file:///home/runner/work/graphql-http/graphql-http/node_modules/@apollo/server/dist/esm/internalErrorClasses.js:75:9)",
+ " at preventCsrf (file:///home/runner/work/graphql-http/graphql-http/node_modules/@apollo/server/dist/esm/preventCsrf.js:29:11)",
+ " at ApolloServer.executeHTTPGraphQLRequest (file:///home/runner/work/graphql-http/graphql-http/node_modules/@apollo/server/dist/esm/ApolloServer.js:478:17)",
+ " at process.processTicksAndRejections (node:internal/process/task_queues:95:5)"
+ ]
+ }
+ }
+ ]
+ }
+ }
+ ```
+
+
+ 18. SHOULD use 200 status code with errors field on string {extensions} parameter when accepting application/json
+
+
+ Response status code is not 200
+
+ ```json
+ {
+ "status": 400,
+ "statusText": "Bad Request",
+ "headers": {
+ "access-control-allow-origin": "*",
+ "connection": "close",
+ "content-length": "1128",
+ "content-type": "application/json; charset=utf-8",
+ "date": "Tue, 17 Jan 2023 22:26:59 GMT",
+ "etag": "W/\"468-TPRc6cNxt9MLpN3l67KK+40WYlI\"",
+ "x-powered-by": "Express"
+ },
+ "body": {
+ "errors": [
+ {
+ "message": "`extensions` in a POST body should be provided as an object, not a recursively JSON-encoded string.",
+ "extensions": {
+ "code": "BAD_REQUEST",
+ "stacktrace": [
+ "BadRequestError: `extensions` in a POST body should be provided as an object, not a recursively JSON-encoded string.",
+ " at new GraphQLErrorWithCode (file:///home/runner/work/graphql-http/graphql-http/node_modules/@apollo/server/dist/esm/internalErrorClasses.js:7:9)",
+ " at new BadRequestError (file:///home/runner/work/graphql-http/graphql-http/node_modules/@apollo/server/dist/esm/internalErrorClasses.js:75:9)",
+ " at runHttpQuery (file:///home/runner/work/graphql-http/graphql-http/node_modules/@apollo/server/dist/esm/runHttpQuery.js:82:23)",
+ " at runPotentiallyBatchedHttpQuery (file:///home/runner/work/graphql-http/graphql-http/node_modules/@apollo/server/dist/esm/httpBatching.js:34:22)",
+ " at ApolloServer.executeHTTPGraphQLRequest (file:///home/runner/work/graphql-http/graphql-http/node_modules/@apollo/server/dist/esm/ApolloServer.js:496:26)",
+ " at process.processTicksAndRejections (node:internal/process/task_queues:95:5)"
+ ]
+ }
+ }
+ ]
+ }
+ }
+ ```
+
+
+ 19. SHOULD use 200 status code with errors field on number {extensions} parameter when accepting application/json
+
+
+ Response status code is not 200
+
+ ```json
+ {
+ "status": 400,
+ "statusText": "Bad Request",
+ "headers": {
+ "access-control-allow-origin": "*",
+ "connection": "close",
+ "content-length": "1046",
+ "content-type": "application/json; charset=utf-8",
+ "date": "Tue, 17 Jan 2023 22:26:59 GMT",
+ "etag": "W/\"416-3vSw59SW7xtE8bbw+NTHlFLLef4\"",
+ "x-powered-by": "Express"
+ },
+ "body": {
+ "errors": [
+ {
+ "message": "`extensions` in a POST body must be an object if provided.",
+ "extensions": {
+ "code": "BAD_REQUEST",
+ "stacktrace": [
+ "BadRequestError: `extensions` in a POST body must be an object if provided.",
+ " at new GraphQLErrorWithCode (file:///home/runner/work/graphql-http/graphql-http/node_modules/@apollo/server/dist/esm/internalErrorClasses.js:7:9)",
+ " at new BadRequestError (file:///home/runner/work/graphql-http/graphql-http/node_modules/@apollo/server/dist/esm/internalErrorClasses.js:75:9)",
+ " at runHttpQuery (file:///home/runner/work/graphql-http/graphql-http/node_modules/@apollo/server/dist/esm/runHttpQuery.js:87:23)",
+ " at runPotentiallyBatchedHttpQuery (file:///home/runner/work/graphql-http/graphql-http/node_modules/@apollo/server/dist/esm/httpBatching.js:34:22)",
+ " at ApolloServer.executeHTTPGraphQLRequest (file:///home/runner/work/graphql-http/graphql-http/node_modules/@apollo/server/dist/esm/ApolloServer.js:496:26)",
+ " at process.processTicksAndRejections (node:internal/process/task_queues:95:5)"
+ ]
+ }
+ }
+ ]
+ }
+ }
+ ```
+
+
+ 20. SHOULD use 200 status code with errors field on boolean {extensions} parameter when accepting application/json
+
+
+ Response status code is not 200
+
+ ```json
+ {
+ "status": 400,
+ "statusText": "Bad Request",
+ "headers": {
+ "access-control-allow-origin": "*",
+ "connection": "close",
+ "content-length": "1046",
+ "content-type": "application/json; charset=utf-8",
+ "date": "Tue, 17 Jan 2023 22:26:59 GMT",
+ "etag": "W/\"416-3vSw59SW7xtE8bbw+NTHlFLLef4\"",
+ "x-powered-by": "Express"
+ },
+ "body": {
+ "errors": [
+ {
+ "message": "`extensions` in a POST body must be an object if provided.",
+ "extensions": {
+ "code": "BAD_REQUEST",
+ "stacktrace": [
+ "BadRequestError: `extensions` in a POST body must be an object if provided.",
+ " at new GraphQLErrorWithCode (file:///home/runner/work/graphql-http/graphql-http/node_modules/@apollo/server/dist/esm/internalErrorClasses.js:7:9)",
+ " at new BadRequestError (file:///home/runner/work/graphql-http/graphql-http/node_modules/@apollo/server/dist/esm/internalErrorClasses.js:75:9)",
+ " at runHttpQuery (file:///home/runner/work/graphql-http/graphql-http/node_modules/@apollo/server/dist/esm/runHttpQuery.js:87:23)",
+ " at runPotentiallyBatchedHttpQuery (file:///home/runner/work/graphql-http/graphql-http/node_modules/@apollo/server/dist/esm/httpBatching.js:34:22)",
+ " at ApolloServer.executeHTTPGraphQLRequest (file:///home/runner/work/graphql-http/graphql-http/node_modules/@apollo/server/dist/esm/ApolloServer.js:496:26)",
+ " at process.processTicksAndRejections (node:internal/process/task_queues:95:5)"
+ ]
+ }
+ }
+ ]
+ }
+ }
+ ```
+
+
+ 21. SHOULD use 200 status code with errors field on array {extensions} parameter when accepting application/json
+
+
+ Response status code is not 200
+
+ ```json
+ {
+ "status": 400,
+ "statusText": "Bad Request",
+ "headers": {
+ "access-control-allow-origin": "*",
+ "connection": "close",
+ "content-length": "1046",
+ "content-type": "application/json; charset=utf-8",
+ "date": "Tue, 17 Jan 2023 22:26:59 GMT",
+ "etag": "W/\"416-3vSw59SW7xtE8bbw+NTHlFLLef4\"",
+ "x-powered-by": "Express"
+ },
+ "body": {
+ "errors": [
+ {
+ "message": "`extensions` in a POST body must be an object if provided.",
+ "extensions": {
+ "code": "BAD_REQUEST",
+ "stacktrace": [
+ "BadRequestError: `extensions` in a POST body must be an object if provided.",
+ " at new GraphQLErrorWithCode (file:///home/runner/work/graphql-http/graphql-http/node_modules/@apollo/server/dist/esm/internalErrorClasses.js:7:9)",
+ " at new BadRequestError (file:///home/runner/work/graphql-http/graphql-http/node_modules/@apollo/server/dist/esm/internalErrorClasses.js:75:9)",
+ " at runHttpQuery (file:///home/runner/work/graphql-http/graphql-http/node_modules/@apollo/server/dist/esm/runHttpQuery.js:87:23)",
+ " at runPotentiallyBatchedHttpQuery (file:///home/runner/work/graphql-http/graphql-http/node_modules/@apollo/server/dist/esm/httpBatching.js:34:22)",
+ " at ApolloServer.executeHTTPGraphQLRequest (file:///home/runner/work/graphql-http/graphql-http/node_modules/@apollo/server/dist/esm/ApolloServer.js:496:26)",
+ " at process.processTicksAndRejections (node:internal/process/task_queues:95:5)"
+ ]
+ }
+ }
+ ]
+ }
+ }
+ ```
+
+
+ 22. SHOULD use 200 status code on JSON parsing failure when accepting application/json
+
+
+ Response status code is not 200
+
+ ```json
+ {
+ "status": 400,
+ "statusText": "Bad Request",
+ "headers": {
+ "access-control-allow-origin": "*",
+ "connection": "close",
+ "content-length": "1108",
+ "content-security-policy": "default-src 'none'",
+ "content-type": "text/html; charset=utf-8",
+ "date": "Tue, 17 Jan 2023 22:26:59 GMT",
+ "x-content-type-options": "nosniff",
+ "x-powered-by": "Express"
+ },
+ "body": "\n\n\n\nError\n\n\n
SyntaxError: Unexpected end of JSON input at JSON.parse (<anonymous>) at parse (/home/runner/work/graphql-http/graphql-http/node_modules/body-parser/lib/types/json.js:89:19) at /home/runner/work/graphql-http/graphql-http/node_modules/body-parser/lib/read.js:128:18 at AsyncResource.runInAsyncScope (node:async_hooks:204:9) at invokeCallback (/home/runner/work/graphql-http/graphql-http/node_modules/raw-body/index.js:231:16) at done (/home/runner/work/graphql-http/graphql-http/node_modules/raw-body/index.js:220:7) at IncomingMessage.onEnd (/home/runner/work/graphql-http/graphql-http/node_modules/raw-body/index.js:280:7) at IncomingMessage.emit (node:events:513:28) at endReadableNT (node:internal/streams/readable:1359:12) at process.processTicksAndRejections (node:internal/process/task_queues:82:21)
\n\n\n"
+ }
+ ```
+
+
+ 23. SHOULD use 200 status code if parameters are invalid when accepting application/json
+
+
+ Response status code is not 200
+
+ ```json
+ {
+ "status": 400,
+ "statusText": "Bad Request",
+ "headers": {
+ "access-control-allow-origin": "*",
+ "cache-control": "no-store",
+ "connection": "close",
+ "content-length": "1416",
+ "content-type": "application/json; charset=utf-8",
+ "date": "Tue, 17 Jan 2023 22:26:59 GMT",
+ "etag": "W/\"588-sZ+sg/c+DRv3ORN3VlSdMHvZRkc\"",
+ "x-powered-by": "Express"
+ },
+ "body": {
+ "errors": [
+ {
+ "message": "GraphQL operations must contain a non-empty `query` or a `persistedQuery` extension.",
+ "extensions": {
+ "code": "BAD_REQUEST",
+ "stacktrace": [
+ "BadRequestError: GraphQL operations must contain a non-empty `query` or a `persistedQuery` extension.",
+ " at new GraphQLErrorWithCode (file:///home/runner/work/graphql-http/graphql-http/node_modules/@apollo/server/dist/esm/internalErrorClasses.js:7:9)",
+ " at new BadRequestError (file:///home/runner/work/graphql-http/graphql-http/node_modules/@apollo/server/dist/esm/internalErrorClasses.js:75:9)",
+ " at processGraphQLRequest (file:///home/runner/work/graphql-http/graphql-http/node_modules/@apollo/server/dist/esm/requestPipeline.js:68:13)",
+ " at process.processTicksAndRejections (node:internal/process/task_queues:95:5)",
+ " at async internalExecuteOperation (file:///home/runner/work/graphql-http/graphql-http/node_modules/@apollo/server/dist/esm/ApolloServer.js:585:16)",
+ " at async runHttpQuery (file:///home/runner/work/graphql-http/graphql-http/node_modules/@apollo/server/dist/esm/runHttpQuery.js:129:29)",
+ " at async runPotentiallyBatchedHttpQuery (file:///home/runner/work/graphql-http/graphql-http/node_modules/@apollo/server/dist/esm/httpBatching.js:34:16)",
+ " at async ApolloServer.executeHTTPGraphQLRequest (file:///home/runner/work/graphql-http/graphql-http/node_modules/@apollo/server/dist/esm/ApolloServer.js:496:20)"
+ ]
+ }
+ }
+ ]
+ }
+ }
+ ```
+
+
+ 24. SHOULD use 200 status code on document parsing failure when accepting application/json
+
+
+ Response status code is not 200
+
+ ```json
+ {
+ "status": 400,
+ "statusText": "Bad Request",
+ "headers": {
+ "access-control-allow-origin": "*",
+ "cache-control": "no-store",
+ "connection": "close",
+ "content-length": "1439",
+ "content-type": "application/json; charset=utf-8",
+ "date": "Tue, 17 Jan 2023 22:26:59 GMT",
+ "etag": "W/\"59f-wZcL/SqdL2p72c+22U9112bt9Sk\"",
+ "x-powered-by": "Express"
+ },
+ "body": {
+ "errors": [
+ {
+ "message": "Syntax Error: Expected Name, found .",
+ "locations": [
+ {
+ "line": 1,
+ "column": 2
+ }
+ ],
+ "extensions": {
+ "code": "GRAPHQL_PARSE_FAILED",
+ "stacktrace": [
+ "GraphQLError: Syntax Error: Expected Name, found .",
+ " at syntaxError (/home/runner/work/graphql-http/graphql-http/node_modules/graphql/error/syntaxError.js:15:10)",
+ " at Parser.expectToken (/home/runner/work/graphql-http/graphql-http/node_modules/graphql/language/parser.js:1397:40)",
+ " at Parser.parseName (/home/runner/work/graphql-http/graphql-http/node_modules/graphql/language/parser.js:108:24)",
+ " at Parser.parseField (/home/runner/work/graphql-http/graphql-http/node_modules/graphql/language/parser.js:347:30)",
+ " at Parser.parseSelection (/home/runner/work/graphql-http/graphql-http/node_modules/graphql/language/parser.js:337:14)",
+ " at Parser.many (/home/runner/work/graphql-http/graphql-http/node_modules/graphql/language/parser.js:1511:26)",
+ " at Parser.parseSelectionSet (/home/runner/work/graphql-http/graphql-http/node_modules/graphql/language/parser.js:320:24)",
+ " at Parser.parseOperationDefinition (/home/runner/work/graphql-http/graphql-http/node_modules/graphql/language/parser.js:231:28)",
+ " at Parser.parseDefinition (/home/runner/work/graphql-http/graphql-http/node_modules/graphql/language/parser.js:155:19)",
+ " at Parser.many (/home/runner/work/graphql-http/graphql-http/node_modules/graphql/language/parser.js:1511:26)"
+ ]
+ }
+ }
+ ]
+ }
+ }
+ ```
+
+
+ 25. SHOULD use 200 status code on document validation failure when accepting application/json
+
+
+ Response status code is not 200
+
+ ```json
+ {
+ "status": 400,
+ "statusText": "Bad Request",
+ "headers": {
+ "access-control-allow-origin": "*",
+ "cache-control": "no-store",
+ "connection": "close",
+ "content-length": "1454",
+ "content-type": "application/json; charset=utf-8",
+ "date": "Tue, 17 Jan 2023 22:26:59 GMT",
+ "etag": "W/\"5ae-cH8StyqXwjsvF8Ml3ZMaXdrpW14\"",
+ "x-powered-by": "Express"
+ },
+ "body": {
+ "errors": [
+ {
+ "message": "Syntax Error: Invalid number, expected digit but got: \"f\".",
+ "locations": [
+ {
+ "line": 1,
+ "column": 4
+ }
+ ],
+ "extensions": {
+ "code": "GRAPHQL_PARSE_FAILED",
+ "stacktrace": [
+ "GraphQLError: Syntax Error: Invalid number, expected digit but got: \"f\".",
+ " at syntaxError (/home/runner/work/graphql-http/graphql-http/node_modules/graphql/error/syntaxError.js:15:10)",
+ " at readNumber (/home/runner/work/graphql-http/graphql-http/node_modules/graphql/language/lexer.js:550:40)",
+ " at readNextToken (/home/runner/work/graphql-http/graphql-http/node_modules/graphql/language/lexer.js:413:14)",
+ " at Lexer.lookahead (/home/runner/work/graphql-http/graphql-http/node_modules/graphql/language/lexer.js:84:29)",
+ " at Lexer.advance (/home/runner/work/graphql-http/graphql-http/node_modules/graphql/language/lexer.js:67:38)",
+ " at Parser.advanceLexer (/home/runner/work/graphql-http/graphql-http/node_modules/graphql/language/parser.js:1536:31)",
+ " at Parser.expectToken (/home/runner/work/graphql-http/graphql-http/node_modules/graphql/language/parser.js:1393:12)",
+ " at Parser.many (/home/runner/work/graphql-http/graphql-http/node_modules/graphql/language/parser.js:1507:10)",
+ " at Parser.parseSelectionSet (/home/runner/work/graphql-http/graphql-http/node_modules/graphql/language/parser.js:320:24)",
+ " at Parser.parseOperationDefinition (/home/runner/work/graphql-http/graphql-http/node_modules/graphql/language/parser.js:231:28)"
+ ]
+ }
+ }
+ ]
+ }
+ }
+ ```
+
+
+ 26. SHOULD not contain the data entry on JSON parsing failure when accepting application/graphql-response+json
+
+
+ Response body is not valid JSON
+
+ ```json
+ {
+ "status": 400,
+ "statusText": "Bad Request",
+ "headers": {
+ "access-control-allow-origin": "*",
+ "connection": "close",
+ "content-length": "1108",
+ "content-security-policy": "default-src 'none'",
+ "content-type": "text/html; charset=utf-8",
+ "date": "Tue, 17 Jan 2023 22:26:59 GMT",
+ "x-content-type-options": "nosniff",
+ "x-powered-by": "Express"
+ }
+ }
+ ```
+
+
diff --git a/implementations/deno/README.md b/implementations/deno/README.md
index 3a2be612..2d07bdbe 100644
--- a/implementations/deno/README.md
+++ b/implementations/deno/README.md
@@ -43,194 +43,958 @@ _* This report was auto-generated by graphql-http_
## Warnings
The server _SHOULD_ support these, but is not required.
-1. SHOULD accept application/graphql-response+json and match the content-type
-```
-Status code 406 is not 200
-```
-2. SHOULD use 400 status code on missing {query} parameter when accepting application/graphql-response+json
-```
-Status code 406 is not 400
-```
-3. SHOULD use 400 status code on object {query} parameter when accepting application/graphql-response+json
-```
-Status code 406 is not 400
-```
-4. SHOULD use 400 status code on number {query} parameter when accepting application/graphql-response+json
-```
-Status code 406 is not 400
-```
-5. SHOULD use 400 status code on boolean {query} parameter when accepting application/graphql-response+json
-```
-Status code 406 is not 400
-```
-6. SHOULD use 400 status code on array {query} parameter when accepting application/graphql-response+json
-```
-Status code 406 is not 400
-```
-7. SHOULD allow string {query} parameter when accepting application/graphql-response+json
-```
-Status code 406 is not 200
-```
-8. SHOULD use 400 status code on object {operationName} parameter when accepting application/graphql-response+json
-```
-Status code 406 is not 400
-```
-9. SHOULD use 400 status code on number {operationName} parameter when accepting application/graphql-response+json
-```
-Status code 406 is not 400
-```
-10. SHOULD use 400 status code on boolean {operationName} parameter when accepting application/graphql-response+json
-```
-Status code 406 is not 400
-```
-11. SHOULD use 400 status code on array {operationName} parameter when accepting application/graphql-response+json
-```
-Status code 406 is not 400
-```
-12. SHOULD allow string {operationName} parameter when accepting application/graphql-response+json
-```
-Status code 406 is not 200
-```
-13. SHOULD allow null {variables} parameter when accepting application/graphql-response+json
-```
-Status code 406 is not 200
-```
-14. SHOULD allow null {operationName} parameter when accepting application/graphql-response+json
-```
-Status code 406 is not 200
-```
-15. SHOULD allow null {extensions} parameter when accepting application/graphql-response+json
-```
-Status code 406 is not 200
-```
-16. SHOULD use 400 status code on string {variables} parameter when accepting application/graphql-response+json
-```
-Status code 406 is not 400
-```
-17. SHOULD use 400 status code on number {variables} parameter when accepting application/graphql-response+json
-```
-Status code 406 is not 400
-```
-18. SHOULD use 400 status code on boolean {variables} parameter when accepting application/graphql-response+json
-```
-Status code 406 is not 400
-```
-19. SHOULD use 400 status code on array {variables} parameter when accepting application/graphql-response+json
-```
-Status code 406 is not 400
-```
-20. SHOULD use 200 status code with errors field on string {variables} parameter when accepting application/json
-```
-Status code 400 is not 200
-```
-21. SHOULD use 200 status code with errors field on number {variables} parameter when accepting application/json
-```
-Status code 400 is not 200
-```
-22. SHOULD use 200 status code with errors field on boolean {variables} parameter when accepting application/json
-```
-Status code 400 is not 200
-```
-23. SHOULD use 200 status code with errors field on array {variables} parameter when accepting application/json
-```
-Execution result {"data":{"__typename":"Query"}} does not have a property 'errors'
-```
-24. SHOULD allow map {variables} parameter when accepting application/graphql-response+json
-```
-Status code 406 is not 200
-```
-25. MAY allow URL-encoded JSON string {variables} parameter in GETs when accepting application/graphql-response+json
-```
-Status code 406 is not 200
-```
-26. MAY allow URL-encoded JSON string {variables} parameter in GETs when accepting application/json
-```
-Execution result {"errors":[{"message":"Variable \"$name\" of required type \"String!\" was not provided.","locations":[{"line":1,"column":12}]}]} does have a property 'errors'
-```
-27. SHOULD use 400 status code on string {extensions} parameter when accepting application/graphql-response+json
-```
-Status code 406 is not 400
-```
-28. SHOULD use 400 status code on number {extensions} parameter when accepting application/graphql-response+json
-```
-Status code 406 is not 400
-```
-29. SHOULD use 400 status code on boolean {extensions} parameter when accepting application/graphql-response+json
-```
-Status code 406 is not 400
-```
-30. SHOULD use 400 status code on array {extensions} parameter when accepting application/graphql-response+json
-```
-Status code 406 is not 400
-```
-31. SHOULD use 200 status code with errors field on string {extensions} parameter when accepting application/json
-```
-Execution result {"data":{"__typename":"Query"}} does not have a property 'errors'
-```
-32. SHOULD use 200 status code with errors field on number {extensions} parameter when accepting application/json
-```
-Execution result {"data":{"__typename":"Query"}} does not have a property 'errors'
-```
-33. SHOULD use 200 status code with errors field on boolean {extensions} parameter when accepting application/json
-```
-Execution result {"data":{"__typename":"Query"}} does not have a property 'errors'
-```
-34. SHOULD use 200 status code with errors field on array {extensions} parameter when accepting application/json
-```
-Execution result {"data":{"__typename":"Query"}} does not have a property 'errors'
-```
-35. SHOULD allow map {extensions} parameter when accepting application/graphql-response+json
-```
-Status code 406 is not 200
-```
-36. SHOULD use 200 status code on JSON parsing failure when accepting application/json
-```
-Status code 400 is not 200
-```
-37. SHOULD use 400 status code on JSON parsing failure when accepting application/graphql-response+json
-```
-Status code 406 is not 400
-```
-38. SHOULD not contain the data entry on JSON parsing failure when accepting application/graphql-response+json
-```
-Response body is not valid JSON. Got "Not Acceptable"
-```
-39. SHOULD use 400 status code if parameters are invalid when accepting application/graphql-response+json
-```
-Status code 406 is not 400
-```
-40. SHOULD not contain the data entry if parameters are invalid when accepting application/graphql-response+json
-```
-Response body is not valid JSON. Got "Not Acceptable"
-```
-41. SHOULD use 400 status code on document parsing failure when accepting application/graphql-response+json
-```
-Status code 406 is not 400
-```
-42. SHOULD not contain the data entry on document parsing failure when accepting application/graphql-response+json
-```
-Response body is not valid JSON. Got "Not Acceptable"
-```
-43. SHOULD use 400 status code on document validation failure when accepting application/graphql-response+json
-```
-Status code 406 is not 400
-```
-44. SHOULD not contain the data entry on document validation failure when accepting application/graphql-response+json
-```
-Response body is not valid JSON. Got "Not Acceptable"
-```
+
+ 1. SHOULD accept application/graphql-response+json and match the content-type
+
+
+ Response status code is not 200
+
+ ```json
+ {
+ "status": 406,
+ "statusText": "Not Acceptable",
+ "headers": {
+ "content-length": "14",
+ "content-type": "text/plain;charset=UTF-8",
+ "date": "Tue, 17 Jan 2023 22:27:11 GMT",
+ "vary": "Accept-Encoding"
+ },
+ "body": "Not Acceptable"
+ }
+ ```
+
+
+ 2. SHOULD use 400 status code on missing {query} parameter when accepting application/graphql-response+json
+
+
+ Response status code is not 400
+
+ ```json
+ {
+ "status": 406,
+ "statusText": "Not Acceptable",
+ "headers": {
+ "content-length": "14",
+ "content-type": "text/plain;charset=UTF-8",
+ "date": "Tue, 17 Jan 2023 22:27:11 GMT",
+ "vary": "Accept-Encoding"
+ },
+ "body": "Not Acceptable"
+ }
+ ```
+
+
+ 3. SHOULD use 400 status code on object {query} parameter when accepting application/graphql-response+json
+
+
+ Response status code is not 400
+
+ ```json
+ {
+ "status": 406,
+ "statusText": "Not Acceptable",
+ "headers": {
+ "content-length": "14",
+ "content-type": "text/plain;charset=UTF-8",
+ "date": "Tue, 17 Jan 2023 22:27:11 GMT",
+ "vary": "Accept-Encoding"
+ },
+ "body": "Not Acceptable"
+ }
+ ```
+
+
+ 4. SHOULD use 400 status code on number {query} parameter when accepting application/graphql-response+json
+
+
+ Response status code is not 400
+
+ ```json
+ {
+ "status": 406,
+ "statusText": "Not Acceptable",
+ "headers": {
+ "content-length": "14",
+ "content-type": "text/plain;charset=UTF-8",
+ "date": "Tue, 17 Jan 2023 22:27:11 GMT",
+ "vary": "Accept-Encoding"
+ },
+ "body": "Not Acceptable"
+ }
+ ```
+
+
+ 5. SHOULD use 400 status code on boolean {query} parameter when accepting application/graphql-response+json
+
+
+ Response status code is not 400
+
+ ```json
+ {
+ "status": 406,
+ "statusText": "Not Acceptable",
+ "headers": {
+ "content-length": "14",
+ "content-type": "text/plain;charset=UTF-8",
+ "date": "Tue, 17 Jan 2023 22:27:11 GMT",
+ "vary": "Accept-Encoding"
+ },
+ "body": "Not Acceptable"
+ }
+ ```
+
+
+ 6. SHOULD use 400 status code on array {query} parameter when accepting application/graphql-response+json
+
+
+ Response status code is not 400
+
+ ```json
+ {
+ "status": 406,
+ "statusText": "Not Acceptable",
+ "headers": {
+ "content-length": "14",
+ "content-type": "text/plain;charset=UTF-8",
+ "date": "Tue, 17 Jan 2023 22:27:11 GMT",
+ "vary": "Accept-Encoding"
+ },
+ "body": "Not Acceptable"
+ }
+ ```
+
+
+ 7. SHOULD allow string {query} parameter when accepting application/graphql-response+json
+
+
+ Response status code is not 200
+
+ ```json
+ {
+ "status": 406,
+ "statusText": "Not Acceptable",
+ "headers": {
+ "content-length": "14",
+ "content-type": "text/plain;charset=UTF-8",
+ "date": "Tue, 17 Jan 2023 22:27:11 GMT",
+ "vary": "Accept-Encoding"
+ },
+ "body": "Not Acceptable"
+ }
+ ```
+
+
+ 8. SHOULD use 400 status code on object {operationName} parameter when accepting application/graphql-response+json
+
+
+ Response status code is not 400
+
+ ```json
+ {
+ "status": 406,
+ "statusText": "Not Acceptable",
+ "headers": {
+ "content-length": "14",
+ "content-type": "text/plain;charset=UTF-8",
+ "date": "Tue, 17 Jan 2023 22:27:11 GMT",
+ "vary": "Accept-Encoding"
+ },
+ "body": "Not Acceptable"
+ }
+ ```
+
+
+ 9. SHOULD use 400 status code on number {operationName} parameter when accepting application/graphql-response+json
+
+
+ Response status code is not 400
+
+ ```json
+ {
+ "status": 406,
+ "statusText": "Not Acceptable",
+ "headers": {
+ "content-length": "14",
+ "content-type": "text/plain;charset=UTF-8",
+ "date": "Tue, 17 Jan 2023 22:27:11 GMT",
+ "vary": "Accept-Encoding"
+ },
+ "body": "Not Acceptable"
+ }
+ ```
+
+
+ 10. SHOULD use 400 status code on boolean {operationName} parameter when accepting application/graphql-response+json
+
+
+ Response status code is not 400
+
+ ```json
+ {
+ "status": 406,
+ "statusText": "Not Acceptable",
+ "headers": {
+ "content-length": "14",
+ "content-type": "text/plain;charset=UTF-8",
+ "date": "Tue, 17 Jan 2023 22:27:11 GMT",
+ "vary": "Accept-Encoding"
+ },
+ "body": "Not Acceptable"
+ }
+ ```
+
+
+ 11. SHOULD use 400 status code on array {operationName} parameter when accepting application/graphql-response+json
+
+
+ Response status code is not 400
+
+ ```json
+ {
+ "status": 406,
+ "statusText": "Not Acceptable",
+ "headers": {
+ "content-length": "14",
+ "content-type": "text/plain;charset=UTF-8",
+ "date": "Tue, 17 Jan 2023 22:27:11 GMT",
+ "vary": "Accept-Encoding"
+ },
+ "body": "Not Acceptable"
+ }
+ ```
+
+
+ 12. SHOULD allow string {operationName} parameter when accepting application/graphql-response+json
+
+
+ Response status code is not 200
+
+ ```json
+ {
+ "status": 406,
+ "statusText": "Not Acceptable",
+ "headers": {
+ "content-length": "14",
+ "content-type": "text/plain;charset=UTF-8",
+ "date": "Tue, 17 Jan 2023 22:27:11 GMT",
+ "vary": "Accept-Encoding"
+ },
+ "body": "Not Acceptable"
+ }
+ ```
+
+
+ 13. SHOULD allow null {variables} parameter when accepting application/graphql-response+json
+
+
+ Response status code is not 200
+
+ ```json
+ {
+ "status": 406,
+ "statusText": "Not Acceptable",
+ "headers": {
+ "content-length": "14",
+ "content-type": "text/plain;charset=UTF-8",
+ "date": "Tue, 17 Jan 2023 22:27:11 GMT",
+ "vary": "Accept-Encoding"
+ },
+ "body": "Not Acceptable"
+ }
+ ```
+
+
+ 14. SHOULD allow null {operationName} parameter when accepting application/graphql-response+json
+
+
+ Response status code is not 200
+
+ ```json
+ {
+ "status": 406,
+ "statusText": "Not Acceptable",
+ "headers": {
+ "content-length": "14",
+ "content-type": "text/plain;charset=UTF-8",
+ "date": "Tue, 17 Jan 2023 22:27:11 GMT",
+ "vary": "Accept-Encoding"
+ },
+ "body": "Not Acceptable"
+ }
+ ```
+
+
+ 15. SHOULD allow null {extensions} parameter when accepting application/graphql-response+json
+
+
+ Response status code is not 200
+
+ ```json
+ {
+ "status": 406,
+ "statusText": "Not Acceptable",
+ "headers": {
+ "content-length": "14",
+ "content-type": "text/plain;charset=UTF-8",
+ "date": "Tue, 17 Jan 2023 22:27:11 GMT",
+ "vary": "Accept-Encoding"
+ },
+ "body": "Not Acceptable"
+ }
+ ```
+
+
+ 16. SHOULD use 400 status code on string {variables} parameter when accepting application/graphql-response+json
+
+
+ Response status code is not 400
+
+ ```json
+ {
+ "status": 406,
+ "statusText": "Not Acceptable",
+ "headers": {
+ "content-length": "14",
+ "content-type": "text/plain;charset=UTF-8",
+ "date": "Tue, 17 Jan 2023 22:27:11 GMT",
+ "vary": "Accept-Encoding"
+ },
+ "body": "Not Acceptable"
+ }
+ ```
+
+
+ 17. SHOULD use 400 status code on number {variables} parameter when accepting application/graphql-response+json
+
+
+ Response status code is not 400
+
+ ```json
+ {
+ "status": 406,
+ "statusText": "Not Acceptable",
+ "headers": {
+ "content-length": "14",
+ "content-type": "text/plain;charset=UTF-8",
+ "date": "Tue, 17 Jan 2023 22:27:11 GMT",
+ "vary": "Accept-Encoding"
+ },
+ "body": "Not Acceptable"
+ }
+ ```
+
+
+ 18. SHOULD use 400 status code on boolean {variables} parameter when accepting application/graphql-response+json
+
+
+ Response status code is not 400
+
+ ```json
+ {
+ "status": 406,
+ "statusText": "Not Acceptable",
+ "headers": {
+ "content-length": "14",
+ "content-type": "text/plain;charset=UTF-8",
+ "date": "Tue, 17 Jan 2023 22:27:11 GMT",
+ "vary": "Accept-Encoding"
+ },
+ "body": "Not Acceptable"
+ }
+ ```
+
+
+ 19. SHOULD use 400 status code on array {variables} parameter when accepting application/graphql-response+json
+
+
+ Response status code is not 400
+
+ ```json
+ {
+ "status": 406,
+ "statusText": "Not Acceptable",
+ "headers": {
+ "content-length": "14",
+ "content-type": "text/plain;charset=UTF-8",
+ "date": "Tue, 17 Jan 2023 22:27:11 GMT",
+ "vary": "Accept-Encoding"
+ },
+ "body": "Not Acceptable"
+ }
+ ```
+
+
+ 20. SHOULD use 200 status code with errors field on string {variables} parameter when accepting application/json
+
+
+ Response status code is not 200
+
+ ```json
+ {
+ "status": 400,
+ "statusText": "Bad Request",
+ "headers": {
+ "content-encoding": "gzip",
+ "content-length": "42",
+ "content-type": "text/plain;charset=UTF-8",
+ "date": "Tue, 17 Jan 2023 22:27:11 GMT",
+ "vary": "Accept-Encoding"
+ },
+ "body": "Malformed Request Body"
+ }
+ ```
+
+
+ 21. SHOULD use 200 status code with errors field on number {variables} parameter when accepting application/json
+
+
+ Response status code is not 200
+
+ ```json
+ {
+ "status": 400,
+ "statusText": "Bad Request",
+ "headers": {
+ "content-encoding": "gzip",
+ "content-length": "42",
+ "content-type": "text/plain;charset=UTF-8",
+ "date": "Tue, 17 Jan 2023 22:27:11 GMT",
+ "vary": "Accept-Encoding"
+ },
+ "body": "Malformed Request Body"
+ }
+ ```
+
+
+ 22. SHOULD use 200 status code with errors field on boolean {variables} parameter when accepting application/json
+
+
+ Response status code is not 200
+
+ ```json
+ {
+ "status": 400,
+ "statusText": "Bad Request",
+ "headers": {
+ "content-encoding": "gzip",
+ "content-length": "42",
+ "content-type": "text/plain;charset=UTF-8",
+ "date": "Tue, 17 Jan 2023 22:27:11 GMT",
+ "vary": "Accept-Encoding"
+ },
+ "body": "Malformed Request Body"
+ }
+ ```
+
+
+ 23. SHOULD use 200 status code with errors field on array {variables} parameter when accepting application/json
+
+
+ Response body execution result does not have a property "errors"
+
+ ```json
+ {
+ "status": 200,
+ "statusText": "OK",
+ "headers": {
+ "content-encoding": "gzip",
+ "content-length": "59",
+ "content-type": "application/json",
+ "date": "Tue, 17 Jan 2023 22:27:11 GMT",
+ "vary": "Accept-Encoding"
+ }
+ }
+ ```
+
+
+ 24. SHOULD allow map {variables} parameter when accepting application/graphql-response+json
+
+
+ Response status code is not 200
+
+ ```json
+ {
+ "status": 406,
+ "statusText": "Not Acceptable",
+ "headers": {
+ "content-length": "14",
+ "content-type": "text/plain;charset=UTF-8",
+ "date": "Tue, 17 Jan 2023 22:27:11 GMT",
+ "vary": "Accept-Encoding"
+ },
+ "body": "Not Acceptable"
+ }
+ ```
+
+
+ 25. MAY allow URL-encoded JSON string {variables} parameter in GETs when accepting application/graphql-response+json
+
+
+ Response status code is not 200
+
+ ```json
+ {
+ "status": 406,
+ "statusText": "Not Acceptable",
+ "headers": {
+ "content-length": "14",
+ "content-type": "text/plain;charset=UTF-8",
+ "date": "Tue, 17 Jan 2023 22:27:11 GMT",
+ "vary": "Accept-Encoding"
+ },
+ "body": "Not Acceptable"
+ }
+ ```
+
+
+ 26. MAY allow URL-encoded JSON string {variables} parameter in GETs when accepting application/json
+
+
+ Response body execution result has a property "errors"
+
+ ```json
+ {
+ "status": 200,
+ "statusText": "OK",
+ "headers": {
+ "content-encoding": "gzip",
+ "content-length": "163",
+ "content-type": "application/json",
+ "date": "Tue, 17 Jan 2023 22:27:11 GMT",
+ "vary": "Accept-Encoding"
+ }
+ }
+ ```
+
+
+ 27. SHOULD use 400 status code on string {extensions} parameter when accepting application/graphql-response+json
+
+
+ Response status code is not 400
+
+ ```json
+ {
+ "status": 406,
+ "statusText": "Not Acceptable",
+ "headers": {
+ "content-length": "14",
+ "content-type": "text/plain;charset=UTF-8",
+ "date": "Tue, 17 Jan 2023 22:27:11 GMT",
+ "vary": "Accept-Encoding"
+ },
+ "body": "Not Acceptable"
+ }
+ ```
+
+
+ 28. SHOULD use 400 status code on number {extensions} parameter when accepting application/graphql-response+json
+
+
+ Response status code is not 400
+
+ ```json
+ {
+ "status": 406,
+ "statusText": "Not Acceptable",
+ "headers": {
+ "content-length": "14",
+ "content-type": "text/plain;charset=UTF-8",
+ "date": "Tue, 17 Jan 2023 22:27:11 GMT",
+ "vary": "Accept-Encoding"
+ },
+ "body": "Not Acceptable"
+ }
+ ```
+
+
+ 29. SHOULD use 400 status code on boolean {extensions} parameter when accepting application/graphql-response+json
+
+
+ Response status code is not 400
+
+ ```json
+ {
+ "status": 406,
+ "statusText": "Not Acceptable",
+ "headers": {
+ "content-length": "14",
+ "content-type": "text/plain;charset=UTF-8",
+ "date": "Tue, 17 Jan 2023 22:27:11 GMT",
+ "vary": "Accept-Encoding"
+ },
+ "body": "Not Acceptable"
+ }
+ ```
+
+
+ 30. SHOULD use 400 status code on array {extensions} parameter when accepting application/graphql-response+json
+
+
+ Response status code is not 400
+
+ ```json
+ {
+ "status": 406,
+ "statusText": "Not Acceptable",
+ "headers": {
+ "content-length": "14",
+ "content-type": "text/plain;charset=UTF-8",
+ "date": "Tue, 17 Jan 2023 22:27:11 GMT",
+ "vary": "Accept-Encoding"
+ },
+ "body": "Not Acceptable"
+ }
+ ```
+
+
+ 31. SHOULD use 200 status code with errors field on string {extensions} parameter when accepting application/json
+
+
+ Response body execution result does not have a property "errors"
+
+ ```json
+ {
+ "status": 200,
+ "statusText": "OK",
+ "headers": {
+ "content-encoding": "gzip",
+ "content-length": "59",
+ "content-type": "application/json",
+ "date": "Tue, 17 Jan 2023 22:27:11 GMT",
+ "vary": "Accept-Encoding"
+ }
+ }
+ ```
+
+
+ 32. SHOULD use 200 status code with errors field on number {extensions} parameter when accepting application/json
+
+
+ Response body execution result does not have a property "errors"
+
+ ```json
+ {
+ "status": 200,
+ "statusText": "OK",
+ "headers": {
+ "content-encoding": "gzip",
+ "content-length": "59",
+ "content-type": "application/json",
+ "date": "Tue, 17 Jan 2023 22:27:11 GMT",
+ "vary": "Accept-Encoding"
+ }
+ }
+ ```
+
+
+ 33. SHOULD use 200 status code with errors field on boolean {extensions} parameter when accepting application/json
+
+
+ Response body execution result does not have a property "errors"
+
+ ```json
+ {
+ "status": 200,
+ "statusText": "OK",
+ "headers": {
+ "content-encoding": "gzip",
+ "content-length": "59",
+ "content-type": "application/json",
+ "date": "Tue, 17 Jan 2023 22:27:11 GMT",
+ "vary": "Accept-Encoding"
+ }
+ }
+ ```
+
+
+ 34. SHOULD use 200 status code with errors field on array {extensions} parameter when accepting application/json
+
+
+ Response body execution result does not have a property "errors"
+
+ ```json
+ {
+ "status": 200,
+ "statusText": "OK",
+ "headers": {
+ "content-encoding": "gzip",
+ "content-length": "59",
+ "content-type": "application/json",
+ "date": "Tue, 17 Jan 2023 22:27:11 GMT",
+ "vary": "Accept-Encoding"
+ }
+ }
+ ```
+
+
+ 35. SHOULD allow map {extensions} parameter when accepting application/graphql-response+json
+
+
+ Response status code is not 200
+
+ ```json
+ {
+ "status": 406,
+ "statusText": "Not Acceptable",
+ "headers": {
+ "content-length": "14",
+ "content-type": "text/plain;charset=UTF-8",
+ "date": "Tue, 17 Jan 2023 22:27:11 GMT",
+ "vary": "Accept-Encoding"
+ },
+ "body": "Not Acceptable"
+ }
+ ```
+
+
+ 36. SHOULD use 200 status code on JSON parsing failure when accepting application/json
+
+
+ Response status code is not 200
+
+ ```json
+ {
+ "status": 400,
+ "statusText": "Bad Request",
+ "headers": {
+ "content-encoding": "gzip",
+ "content-length": "42",
+ "content-type": "text/plain;charset=UTF-8",
+ "date": "Tue, 17 Jan 2023 22:27:11 GMT",
+ "vary": "Accept-Encoding"
+ },
+ "body": "Malformed Request Body"
+ }
+ ```
+
+
+ 37. SHOULD use 400 status code on JSON parsing failure when accepting application/graphql-response+json
+
+
+ Response status code is not 400
+
+ ```json
+ {
+ "status": 406,
+ "statusText": "Not Acceptable",
+ "headers": {
+ "content-length": "14",
+ "content-type": "text/plain;charset=UTF-8",
+ "date": "Tue, 17 Jan 2023 22:27:11 GMT",
+ "vary": "Accept-Encoding"
+ },
+ "body": "Not Acceptable"
+ }
+ ```
+
+
+ 38. SHOULD not contain the data entry on JSON parsing failure when accepting application/graphql-response+json
+
+
+ Response body is not valid JSON
+
+ ```json
+ {
+ "status": 406,
+ "statusText": "Not Acceptable",
+ "headers": {
+ "content-length": "14",
+ "content-type": "text/plain;charset=UTF-8",
+ "date": "Tue, 17 Jan 2023 22:27:11 GMT",
+ "vary": "Accept-Encoding"
+ }
+ }
+ ```
+
+
+ 39. SHOULD use 400 status code if parameters are invalid when accepting application/graphql-response+json
+
+
+ Response status code is not 400
+
+ ```json
+ {
+ "status": 406,
+ "statusText": "Not Acceptable",
+ "headers": {
+ "content-length": "14",
+ "content-type": "text/plain;charset=UTF-8",
+ "date": "Tue, 17 Jan 2023 22:27:11 GMT",
+ "vary": "Accept-Encoding"
+ },
+ "body": "Not Acceptable"
+ }
+ ```
+
+
+ 40. SHOULD not contain the data entry if parameters are invalid when accepting application/graphql-response+json
+
+
+ Response body is not valid JSON
+
+ ```json
+ {
+ "status": 406,
+ "statusText": "Not Acceptable",
+ "headers": {
+ "content-length": "14",
+ "content-type": "text/plain;charset=UTF-8",
+ "date": "Tue, 17 Jan 2023 22:27:11 GMT",
+ "vary": "Accept-Encoding"
+ }
+ }
+ ```
+
+
+ 41. SHOULD use 400 status code on document parsing failure when accepting application/graphql-response+json
+
+
+ Response status code is not 400
+
+ ```json
+ {
+ "status": 406,
+ "statusText": "Not Acceptable",
+ "headers": {
+ "content-length": "14",
+ "content-type": "text/plain;charset=UTF-8",
+ "date": "Tue, 17 Jan 2023 22:27:11 GMT",
+ "vary": "Accept-Encoding"
+ },
+ "body": "Not Acceptable"
+ }
+ ```
+
+
+ 42. SHOULD not contain the data entry on document parsing failure when accepting application/graphql-response+json
+
+
+ Response body is not valid JSON
+
+ ```json
+ {
+ "status": 406,
+ "statusText": "Not Acceptable",
+ "headers": {
+ "content-length": "14",
+ "content-type": "text/plain;charset=UTF-8",
+ "date": "Tue, 17 Jan 2023 22:27:11 GMT",
+ "vary": "Accept-Encoding"
+ }
+ }
+ ```
+
+
+ 43. SHOULD use 400 status code on document validation failure when accepting application/graphql-response+json
+
+
+ Response status code is not 400
+
+ ```json
+ {
+ "status": 406,
+ "statusText": "Not Acceptable",
+ "headers": {
+ "content-length": "14",
+ "content-type": "text/plain;charset=UTF-8",
+ "date": "Tue, 17 Jan 2023 22:27:11 GMT",
+ "vary": "Accept-Encoding"
+ },
+ "body": "Not Acceptable"
+ }
+ ```
+
+
+ 44. SHOULD not contain the data entry on document validation failure when accepting application/graphql-response+json
+
+
+ Response body is not valid JSON
+
+ ```json
+ {
+ "status": 406,
+ "statusText": "Not Acceptable",
+ "headers": {
+ "content-length": "14",
+ "content-type": "text/plain;charset=UTF-8",
+ "date": "Tue, 17 Jan 2023 22:27:11 GMT",
+ "vary": "Accept-Encoding"
+ }
+ }
+ ```
+
+
## Errors
The server _MUST_ support these.
-1. MUST use utf-8 encoding when responding
-```
-Body is not UTF-8 encoded
-```
-2. MUST accept utf-8 encoding
-```
-Content-Type header "application/json" does not contain "utf-8"
-```
-3. MUST assume utf-8 if encoding is unspecified
-```
-Content-Type header "application/json" does not contain "utf-8"
-```
+
+ 1. MUST use utf-8 encoding when responding
+
+
+ Response body is not UTF-8 encoded
+
+ ```json
+ {
+ "status": 200,
+ "statusText": "OK",
+ "headers": {
+ "content-encoding": "gzip",
+ "content-length": "59",
+ "content-type": "application/json",
+ "date": "Tue, 17 Jan 2023 22:27:11 GMT",
+ "vary": "Accept-Encoding"
+ }
+ }
+ ```
+
+
+ 2. MUST accept utf-8 encoding
+
+
+ Response header content-type does not contain utf-8
+
+ ```json
+ {
+ "status": 200,
+ "statusText": "OK",
+ "headers": {
+ "content-encoding": "gzip",
+ "content-length": "59",
+ "content-type": "application/json",
+ "date": "Tue, 17 Jan 2023 22:27:11 GMT",
+ "vary": "Accept-Encoding"
+ },
+ "body": {
+ "data": {
+ "__typename": "Query"
+ }
+ }
+ }
+ ```
+
+
+ 3. MUST assume utf-8 if encoding is unspecified
+
+
+ Response header content-type does not contain utf-8
+
+ ```json
+ {
+ "status": 200,
+ "statusText": "OK",
+ "headers": {
+ "content-encoding": "gzip",
+ "content-length": "59",
+ "content-type": "application/json",
+ "date": "Tue, 17 Jan 2023 22:27:11 GMT",
+ "vary": "Accept-Encoding"
+ },
+ "body": {
+ "data": {
+ "__typename": "Query"
+ }
+ }
+ }
+ ```
+
+
diff --git a/implementations/express-graphql/README.md b/implementations/express-graphql/README.md
index 353c9c93..e7fb543e 100644
--- a/implementations/express-graphql/README.md
+++ b/implementations/express-graphql/README.md
@@ -56,136 +56,840 @@ _* This report was auto-generated by graphql-http_
## Warnings
The server _SHOULD_ support these, but is not required.
-1. SHOULD accept application/graphql-response+json and match the content-type
-```
-Content-Type header "application/json; charset=utf-8" does not contain "application/graphql-response+json"
-```
-2. SHOULD use 200 status code with errors field on missing {query} parameter when accepting application/json
-```
-Status code 400 is not 200
-```
-3. SHOULD use 200 status code with errors field on object {query} parameter when accepting application/json
-```
-Status code 400 is not 200
-```
-4. SHOULD use 200 status code with errors field on number {query} parameter when accepting application/json
-```
-Status code 400 is not 200
-```
-5. SHOULD use 200 status code with errors field on boolean {query} parameter when accepting application/json
-```
-Status code 400 is not 200
-```
-6. SHOULD use 200 status code with errors field on array {query} parameter when accepting application/json
-```
-Status code 400 is not 200
-```
-7. SHOULD use 400 status code on object {operationName} parameter when accepting application/graphql-response+json
-```
-Status code 200 is not 400
-```
-8. SHOULD use 400 status code on number {operationName} parameter when accepting application/graphql-response+json
-```
-Status code 200 is not 400
-```
-9. SHOULD use 400 status code on boolean {operationName} parameter when accepting application/graphql-response+json
-```
-Status code 200 is not 400
-```
-10. SHOULD use 400 status code on array {operationName} parameter when accepting application/graphql-response+json
-```
-Status code 200 is not 400
-```
-11. SHOULD use 200 status code with errors field on object {operationName} parameter when accepting application/json
-```
-Execution result {"data":{"__typename":"Query"}} does not have a property 'errors'
-```
-12. SHOULD use 200 status code with errors field on number {operationName} parameter when accepting application/json
-```
-Execution result {"data":{"__typename":"Query"}} does not have a property 'errors'
-```
-13. SHOULD use 200 status code with errors field on boolean {operationName} parameter when accepting application/json
-```
-Execution result {"data":{"__typename":"Query"}} does not have a property 'errors'
-```
-14. SHOULD use 200 status code with errors field on array {operationName} parameter when accepting application/json
-```
-Execution result {"data":{"__typename":"Query"}} does not have a property 'errors'
-```
-15. SHOULD use 400 status code on number {variables} parameter when accepting application/graphql-response+json
-```
-Status code 200 is not 400
-```
-16. SHOULD use 400 status code on boolean {variables} parameter when accepting application/graphql-response+json
-```
-Status code 200 is not 400
-```
-17. SHOULD use 400 status code on array {variables} parameter when accepting application/graphql-response+json
-```
-Status code 200 is not 400
-```
-18. SHOULD use 200 status code with errors field on string {variables} parameter when accepting application/json
-```
-Status code 400 is not 200
-```
-19. SHOULD use 200 status code with errors field on number {variables} parameter when accepting application/json
-```
-Execution result {"data":{"__typename":"Query"}} does not have a property 'errors'
-```
-20. SHOULD use 200 status code with errors field on boolean {variables} parameter when accepting application/json
-```
-Execution result {"data":{"__typename":"Query"}} does not have a property 'errors'
-```
-21. SHOULD use 200 status code with errors field on array {variables} parameter when accepting application/json
-```
-Execution result {"data":{"__typename":"Query"}} does not have a property 'errors'
-```
-22. SHOULD use 400 status code on string {extensions} parameter when accepting application/graphql-response+json
-```
-Status code 200 is not 400
-```
-23. SHOULD use 400 status code on number {extensions} parameter when accepting application/graphql-response+json
-```
-Status code 200 is not 400
-```
-24. SHOULD use 400 status code on boolean {extensions} parameter when accepting application/graphql-response+json
-```
-Status code 200 is not 400
-```
-25. SHOULD use 400 status code on array {extensions} parameter when accepting application/graphql-response+json
-```
-Status code 200 is not 400
-```
-26. SHOULD use 200 status code with errors field on string {extensions} parameter when accepting application/json
-```
-Execution result {"data":{"__typename":"Query"}} does not have a property 'errors'
-```
-27. SHOULD use 200 status code with errors field on number {extensions} parameter when accepting application/json
-```
-Execution result {"data":{"__typename":"Query"}} does not have a property 'errors'
-```
-28. SHOULD use 200 status code with errors field on boolean {extensions} parameter when accepting application/json
-```
-Execution result {"data":{"__typename":"Query"}} does not have a property 'errors'
-```
-29. SHOULD use 200 status code with errors field on array {extensions} parameter when accepting application/json
-```
-Execution result {"data":{"__typename":"Query"}} does not have a property 'errors'
-```
-30. SHOULD use 200 status code on JSON parsing failure when accepting application/json
-```
-Status code 400 is not 200
-```
-31. SHOULD use 200 status code if parameters are invalid when accepting application/json
-```
-Status code 400 is not 200
-```
-32. SHOULD use 200 status code on document parsing failure when accepting application/json
-```
-Status code 400 is not 200
-```
-33. SHOULD use 200 status code on document validation failure when accepting application/json
-```
-Status code 400 is not 200
-```
+
+ 1. SHOULD accept application/graphql-response+json and match the content-type
+
+
+ Response header content-type does not contain application/graphql-response+json
+
+ ```json
+ {
+ "status": 200,
+ "statusText": "OK",
+ "headers": {
+ "connection": "close",
+ "content-length": "31",
+ "content-type": "application/json; charset=utf-8",
+ "date": "Tue, 17 Jan 2023 22:27:09 GMT",
+ "etag": "W/\"1f-yOwhVHjWKeagyuteVuktj+6mcMg\"",
+ "x-powered-by": "Express"
+ },
+ "body": {
+ "data": {
+ "__typename": "Query"
+ }
+ }
+ }
+ ```
+
+
+ 2. SHOULD use 200 status code with errors field on missing {query} parameter when accepting application/json
+
+
+ Response status code is not 200
+
+ ```json
+ {
+ "status": 400,
+ "statusText": "Bad Request",
+ "headers": {
+ "connection": "close",
+ "content-length": "53",
+ "content-type": "application/json; charset=utf-8",
+ "date": "Tue, 17 Jan 2023 22:27:09 GMT",
+ "etag": "W/\"35-rkfaW07yp80JIwkYI6hoaXIO3bI\"",
+ "x-powered-by": "Express"
+ },
+ "body": {
+ "errors": [
+ {
+ "message": "Must provide query string."
+ }
+ ]
+ }
+ }
+ ```
+
+
+ 3. SHOULD use 200 status code with errors field on object {query} parameter when accepting application/json
+
+
+ Response status code is not 200
+
+ ```json
+ {
+ "status": 400,
+ "statusText": "Bad Request",
+ "headers": {
+ "connection": "close",
+ "content-length": "53",
+ "content-type": "application/json; charset=utf-8",
+ "date": "Tue, 17 Jan 2023 22:27:09 GMT",
+ "etag": "W/\"35-rkfaW07yp80JIwkYI6hoaXIO3bI\"",
+ "x-powered-by": "Express"
+ },
+ "body": {
+ "errors": [
+ {
+ "message": "Must provide query string."
+ }
+ ]
+ }
+ }
+ ```
+
+
+ 4. SHOULD use 200 status code with errors field on number {query} parameter when accepting application/json
+
+
+ Response status code is not 200
+
+ ```json
+ {
+ "status": 400,
+ "statusText": "Bad Request",
+ "headers": {
+ "connection": "close",
+ "content-length": "53",
+ "content-type": "application/json; charset=utf-8",
+ "date": "Tue, 17 Jan 2023 22:27:09 GMT",
+ "etag": "W/\"35-rkfaW07yp80JIwkYI6hoaXIO3bI\"",
+ "x-powered-by": "Express"
+ },
+ "body": {
+ "errors": [
+ {
+ "message": "Must provide query string."
+ }
+ ]
+ }
+ }
+ ```
+
+
+ 5. SHOULD use 200 status code with errors field on boolean {query} parameter when accepting application/json
+
+
+ Response status code is not 200
+
+ ```json
+ {
+ "status": 400,
+ "statusText": "Bad Request",
+ "headers": {
+ "connection": "close",
+ "content-length": "53",
+ "content-type": "application/json; charset=utf-8",
+ "date": "Tue, 17 Jan 2023 22:27:09 GMT",
+ "etag": "W/\"35-rkfaW07yp80JIwkYI6hoaXIO3bI\"",
+ "x-powered-by": "Express"
+ },
+ "body": {
+ "errors": [
+ {
+ "message": "Must provide query string."
+ }
+ ]
+ }
+ }
+ ```
+
+
+ 6. SHOULD use 200 status code with errors field on array {query} parameter when accepting application/json
+
+
+ Response status code is not 200
+
+ ```json
+ {
+ "status": 400,
+ "statusText": "Bad Request",
+ "headers": {
+ "connection": "close",
+ "content-length": "53",
+ "content-type": "application/json; charset=utf-8",
+ "date": "Tue, 17 Jan 2023 22:27:09 GMT",
+ "etag": "W/\"35-rkfaW07yp80JIwkYI6hoaXIO3bI\"",
+ "x-powered-by": "Express"
+ },
+ "body": {
+ "errors": [
+ {
+ "message": "Must provide query string."
+ }
+ ]
+ }
+ }
+ ```
+
+
+ 7. SHOULD use 400 status code on object {operationName} parameter when accepting application/graphql-response+json
+
+
+ Response status code is not 400
+
+ ```json
+ {
+ "status": 200,
+ "statusText": "OK",
+ "headers": {
+ "connection": "close",
+ "content-length": "31",
+ "content-type": "application/json; charset=utf-8",
+ "date": "Tue, 17 Jan 2023 22:27:09 GMT",
+ "etag": "W/\"1f-yOwhVHjWKeagyuteVuktj+6mcMg\"",
+ "x-powered-by": "Express"
+ },
+ "body": {
+ "data": {
+ "__typename": "Query"
+ }
+ }
+ }
+ ```
+
+
+ 8. SHOULD use 400 status code on number {operationName} parameter when accepting application/graphql-response+json
+
+
+ Response status code is not 400
+
+ ```json
+ {
+ "status": 200,
+ "statusText": "OK",
+ "headers": {
+ "connection": "close",
+ "content-length": "31",
+ "content-type": "application/json; charset=utf-8",
+ "date": "Tue, 17 Jan 2023 22:27:09 GMT",
+ "etag": "W/\"1f-yOwhVHjWKeagyuteVuktj+6mcMg\"",
+ "x-powered-by": "Express"
+ },
+ "body": {
+ "data": {
+ "__typename": "Query"
+ }
+ }
+ }
+ ```
+
+
+ 9. SHOULD use 400 status code on boolean {operationName} parameter when accepting application/graphql-response+json
+
+
+ Response status code is not 400
+
+ ```json
+ {
+ "status": 200,
+ "statusText": "OK",
+ "headers": {
+ "connection": "close",
+ "content-length": "31",
+ "content-type": "application/json; charset=utf-8",
+ "date": "Tue, 17 Jan 2023 22:27:09 GMT",
+ "etag": "W/\"1f-yOwhVHjWKeagyuteVuktj+6mcMg\"",
+ "x-powered-by": "Express"
+ },
+ "body": {
+ "data": {
+ "__typename": "Query"
+ }
+ }
+ }
+ ```
+
+
+ 10. SHOULD use 400 status code on array {operationName} parameter when accepting application/graphql-response+json
+
+
+ Response status code is not 400
+
+ ```json
+ {
+ "status": 200,
+ "statusText": "OK",
+ "headers": {
+ "connection": "close",
+ "content-length": "31",
+ "content-type": "application/json; charset=utf-8",
+ "date": "Tue, 17 Jan 2023 22:27:09 GMT",
+ "etag": "W/\"1f-yOwhVHjWKeagyuteVuktj+6mcMg\"",
+ "x-powered-by": "Express"
+ },
+ "body": {
+ "data": {
+ "__typename": "Query"
+ }
+ }
+ }
+ ```
+
+
+ 11. SHOULD use 200 status code with errors field on object {operationName} parameter when accepting application/json
+
+
+ Response body execution result does not have a property "errors"
+
+ ```json
+ {
+ "status": 200,
+ "statusText": "OK",
+ "headers": {
+ "connection": "close",
+ "content-length": "31",
+ "content-type": "application/json; charset=utf-8",
+ "date": "Tue, 17 Jan 2023 22:27:09 GMT",
+ "etag": "W/\"1f-yOwhVHjWKeagyuteVuktj+6mcMg\"",
+ "x-powered-by": "Express"
+ }
+ }
+ ```
+
+
+ 12. SHOULD use 200 status code with errors field on number {operationName} parameter when accepting application/json
+
+
+ Response body execution result does not have a property "errors"
+
+ ```json
+ {
+ "status": 200,
+ "statusText": "OK",
+ "headers": {
+ "connection": "close",
+ "content-length": "31",
+ "content-type": "application/json; charset=utf-8",
+ "date": "Tue, 17 Jan 2023 22:27:09 GMT",
+ "etag": "W/\"1f-yOwhVHjWKeagyuteVuktj+6mcMg\"",
+ "x-powered-by": "Express"
+ }
+ }
+ ```
+
+
+ 13. SHOULD use 200 status code with errors field on boolean {operationName} parameter when accepting application/json
+
+
+ Response body execution result does not have a property "errors"
+
+ ```json
+ {
+ "status": 200,
+ "statusText": "OK",
+ "headers": {
+ "connection": "close",
+ "content-length": "31",
+ "content-type": "application/json; charset=utf-8",
+ "date": "Tue, 17 Jan 2023 22:27:09 GMT",
+ "etag": "W/\"1f-yOwhVHjWKeagyuteVuktj+6mcMg\"",
+ "x-powered-by": "Express"
+ }
+ }
+ ```
+
+
+ 14. SHOULD use 200 status code with errors field on array {operationName} parameter when accepting application/json
+
+
+ Response body execution result does not have a property "errors"
+
+ ```json
+ {
+ "status": 200,
+ "statusText": "OK",
+ "headers": {
+ "connection": "close",
+ "content-length": "31",
+ "content-type": "application/json; charset=utf-8",
+ "date": "Tue, 17 Jan 2023 22:27:09 GMT",
+ "etag": "W/\"1f-yOwhVHjWKeagyuteVuktj+6mcMg\"",
+ "x-powered-by": "Express"
+ }
+ }
+ ```
+
+
+ 15. SHOULD use 400 status code on number {variables} parameter when accepting application/graphql-response+json
+
+
+ Response status code is not 400
+
+ ```json
+ {
+ "status": 200,
+ "statusText": "OK",
+ "headers": {
+ "connection": "close",
+ "content-length": "31",
+ "content-type": "application/json; charset=utf-8",
+ "date": "Tue, 17 Jan 2023 22:27:09 GMT",
+ "etag": "W/\"1f-yOwhVHjWKeagyuteVuktj+6mcMg\"",
+ "x-powered-by": "Express"
+ },
+ "body": {
+ "data": {
+ "__typename": "Query"
+ }
+ }
+ }
+ ```
+
+
+ 16. SHOULD use 400 status code on boolean {variables} parameter when accepting application/graphql-response+json
+
+
+ Response status code is not 400
+
+ ```json
+ {
+ "status": 200,
+ "statusText": "OK",
+ "headers": {
+ "connection": "close",
+ "content-length": "31",
+ "content-type": "application/json; charset=utf-8",
+ "date": "Tue, 17 Jan 2023 22:27:09 GMT",
+ "etag": "W/\"1f-yOwhVHjWKeagyuteVuktj+6mcMg\"",
+ "x-powered-by": "Express"
+ },
+ "body": {
+ "data": {
+ "__typename": "Query"
+ }
+ }
+ }
+ ```
+
+
+ 17. SHOULD use 400 status code on array {variables} parameter when accepting application/graphql-response+json
+
+
+ Response status code is not 400
+
+ ```json
+ {
+ "status": 200,
+ "statusText": "OK",
+ "headers": {
+ "connection": "close",
+ "content-length": "31",
+ "content-type": "application/json; charset=utf-8",
+ "date": "Tue, 17 Jan 2023 22:27:09 GMT",
+ "etag": "W/\"1f-yOwhVHjWKeagyuteVuktj+6mcMg\"",
+ "x-powered-by": "Express"
+ },
+ "body": {
+ "data": {
+ "__typename": "Query"
+ }
+ }
+ }
+ ```
+
+
+ 18. SHOULD use 200 status code with errors field on string {variables} parameter when accepting application/json
+
+
+ Response status code is not 200
+
+ ```json
+ {
+ "status": 400,
+ "statusText": "Bad Request",
+ "headers": {
+ "connection": "close",
+ "content-length": "54",
+ "content-type": "application/json; charset=utf-8",
+ "date": "Tue, 17 Jan 2023 22:27:09 GMT",
+ "etag": "W/\"36-+LiPix1LCLv9gfzrc5wfPL4GHbM\"",
+ "x-powered-by": "Express"
+ },
+ "body": {
+ "errors": [
+ {
+ "message": "Variables are invalid JSON."
+ }
+ ]
+ }
+ }
+ ```
+
+
+ 19. SHOULD use 200 status code with errors field on number {variables} parameter when accepting application/json
+
+
+ Response body execution result does not have a property "errors"
+
+ ```json
+ {
+ "status": 200,
+ "statusText": "OK",
+ "headers": {
+ "connection": "close",
+ "content-length": "31",
+ "content-type": "application/json; charset=utf-8",
+ "date": "Tue, 17 Jan 2023 22:27:09 GMT",
+ "etag": "W/\"1f-yOwhVHjWKeagyuteVuktj+6mcMg\"",
+ "x-powered-by": "Express"
+ }
+ }
+ ```
+
+
+ 20. SHOULD use 200 status code with errors field on boolean {variables} parameter when accepting application/json
+
+
+ Response body execution result does not have a property "errors"
+
+ ```json
+ {
+ "status": 200,
+ "statusText": "OK",
+ "headers": {
+ "connection": "close",
+ "content-length": "31",
+ "content-type": "application/json; charset=utf-8",
+ "date": "Tue, 17 Jan 2023 22:27:09 GMT",
+ "etag": "W/\"1f-yOwhVHjWKeagyuteVuktj+6mcMg\"",
+ "x-powered-by": "Express"
+ }
+ }
+ ```
+
+
+ 21. SHOULD use 200 status code with errors field on array {variables} parameter when accepting application/json
+
+
+ Response body execution result does not have a property "errors"
+
+ ```json
+ {
+ "status": 200,
+ "statusText": "OK",
+ "headers": {
+ "connection": "close",
+ "content-length": "31",
+ "content-type": "application/json; charset=utf-8",
+ "date": "Tue, 17 Jan 2023 22:27:09 GMT",
+ "etag": "W/\"1f-yOwhVHjWKeagyuteVuktj+6mcMg\"",
+ "x-powered-by": "Express"
+ }
+ }
+ ```
+
+
+ 22. SHOULD use 400 status code on string {extensions} parameter when accepting application/graphql-response+json
+
+
+ Response status code is not 400
+
+ ```json
+ {
+ "status": 200,
+ "statusText": "OK",
+ "headers": {
+ "connection": "close",
+ "content-length": "31",
+ "content-type": "application/json; charset=utf-8",
+ "date": "Tue, 17 Jan 2023 22:27:09 GMT",
+ "etag": "W/\"1f-yOwhVHjWKeagyuteVuktj+6mcMg\"",
+ "x-powered-by": "Express"
+ },
+ "body": {
+ "data": {
+ "__typename": "Query"
+ }
+ }
+ }
+ ```
+
+
+ 23. SHOULD use 400 status code on number {extensions} parameter when accepting application/graphql-response+json
+
+
+ Response status code is not 400
+
+ ```json
+ {
+ "status": 200,
+ "statusText": "OK",
+ "headers": {
+ "connection": "close",
+ "content-length": "31",
+ "content-type": "application/json; charset=utf-8",
+ "date": "Tue, 17 Jan 2023 22:27:09 GMT",
+ "etag": "W/\"1f-yOwhVHjWKeagyuteVuktj+6mcMg\"",
+ "x-powered-by": "Express"
+ },
+ "body": {
+ "data": {
+ "__typename": "Query"
+ }
+ }
+ }
+ ```
+
+
+ 24. SHOULD use 400 status code on boolean {extensions} parameter when accepting application/graphql-response+json
+
+
+ Response status code is not 400
+
+ ```json
+ {
+ "status": 200,
+ "statusText": "OK",
+ "headers": {
+ "connection": "close",
+ "content-length": "31",
+ "content-type": "application/json; charset=utf-8",
+ "date": "Tue, 17 Jan 2023 22:27:09 GMT",
+ "etag": "W/\"1f-yOwhVHjWKeagyuteVuktj+6mcMg\"",
+ "x-powered-by": "Express"
+ },
+ "body": {
+ "data": {
+ "__typename": "Query"
+ }
+ }
+ }
+ ```
+
+
+ 25. SHOULD use 400 status code on array {extensions} parameter when accepting application/graphql-response+json
+
+
+ Response status code is not 400
+
+ ```json
+ {
+ "status": 200,
+ "statusText": "OK",
+ "headers": {
+ "connection": "close",
+ "content-length": "31",
+ "content-type": "application/json; charset=utf-8",
+ "date": "Tue, 17 Jan 2023 22:27:09 GMT",
+ "etag": "W/\"1f-yOwhVHjWKeagyuteVuktj+6mcMg\"",
+ "x-powered-by": "Express"
+ },
+ "body": {
+ "data": {
+ "__typename": "Query"
+ }
+ }
+ }
+ ```
+
+
+ 26. SHOULD use 200 status code with errors field on string {extensions} parameter when accepting application/json
+
+
+ Response body execution result does not have a property "errors"
+
+ ```json
+ {
+ "status": 200,
+ "statusText": "OK",
+ "headers": {
+ "connection": "close",
+ "content-length": "31",
+ "content-type": "application/json; charset=utf-8",
+ "date": "Tue, 17 Jan 2023 22:27:09 GMT",
+ "etag": "W/\"1f-yOwhVHjWKeagyuteVuktj+6mcMg\"",
+ "x-powered-by": "Express"
+ }
+ }
+ ```
+
+
+ 27. SHOULD use 200 status code with errors field on number {extensions} parameter when accepting application/json
+
+
+ Response body execution result does not have a property "errors"
+
+ ```json
+ {
+ "status": 200,
+ "statusText": "OK",
+ "headers": {
+ "connection": "close",
+ "content-length": "31",
+ "content-type": "application/json; charset=utf-8",
+ "date": "Tue, 17 Jan 2023 22:27:09 GMT",
+ "etag": "W/\"1f-yOwhVHjWKeagyuteVuktj+6mcMg\"",
+ "x-powered-by": "Express"
+ }
+ }
+ ```
+
+
+ 28. SHOULD use 200 status code with errors field on boolean {extensions} parameter when accepting application/json
+
+
+ Response body execution result does not have a property "errors"
+
+ ```json
+ {
+ "status": 200,
+ "statusText": "OK",
+ "headers": {
+ "connection": "close",
+ "content-length": "31",
+ "content-type": "application/json; charset=utf-8",
+ "date": "Tue, 17 Jan 2023 22:27:09 GMT",
+ "etag": "W/\"1f-yOwhVHjWKeagyuteVuktj+6mcMg\"",
+ "x-powered-by": "Express"
+ }
+ }
+ ```
+
+
+ 29. SHOULD use 200 status code with errors field on array {extensions} parameter when accepting application/json
+
+
+ Response body execution result does not have a property "errors"
+
+ ```json
+ {
+ "status": 200,
+ "statusText": "OK",
+ "headers": {
+ "connection": "close",
+ "content-length": "31",
+ "content-type": "application/json; charset=utf-8",
+ "date": "Tue, 17 Jan 2023 22:27:09 GMT",
+ "etag": "W/\"1f-yOwhVHjWKeagyuteVuktj+6mcMg\"",
+ "x-powered-by": "Express"
+ }
+ }
+ ```
+
+
+ 30. SHOULD use 200 status code on JSON parsing failure when accepting application/json
+
+
+ Response status code is not 200
+
+ ```json
+ {
+ "status": 400,
+ "statusText": "Bad Request",
+ "headers": {
+ "connection": "close",
+ "content-length": "55",
+ "content-type": "application/json; charset=utf-8",
+ "date": "Tue, 17 Jan 2023 22:27:09 GMT",
+ "etag": "W/\"37-xijHDWdp/snSS4p0BKd+UCmvfYk\"",
+ "x-powered-by": "Express"
+ },
+ "body": {
+ "errors": [
+ {
+ "message": "POST body sent invalid JSON."
+ }
+ ]
+ }
+ }
+ ```
+
+
+ 31. SHOULD use 200 status code if parameters are invalid when accepting application/json
+
+
+ Response status code is not 200
+
+ ```json
+ {
+ "status": 400,
+ "statusText": "Bad Request",
+ "headers": {
+ "connection": "close",
+ "content-length": "53",
+ "content-type": "application/json; charset=utf-8",
+ "date": "Tue, 17 Jan 2023 22:27:09 GMT",
+ "etag": "W/\"35-rkfaW07yp80JIwkYI6hoaXIO3bI\"",
+ "x-powered-by": "Express"
+ },
+ "body": {
+ "errors": [
+ {
+ "message": "Must provide query string."
+ }
+ ]
+ }
+ }
+ ```
+
+
+ 32. SHOULD use 200 status code on document parsing failure when accepting application/json
+
+
+ Response status code is not 200
+
+ ```json
+ {
+ "status": 400,
+ "statusText": "Bad Request",
+ "headers": {
+ "connection": "close",
+ "content-length": "104",
+ "content-type": "application/json; charset=utf-8",
+ "date": "Tue, 17 Jan 2023 22:27:09 GMT",
+ "etag": "W/\"68-Xc/MwYKGMF54XYivaA3tsxvGHZM\"",
+ "x-powered-by": "Express"
+ },
+ "body": {
+ "errors": [
+ {
+ "message": "Syntax Error: Expected Name, found .",
+ "locations": [
+ {
+ "line": 1,
+ "column": 2
+ }
+ ]
+ }
+ ]
+ }
+ }
+ ```
+
+
+ 33. SHOULD use 200 status code on document validation failure when accepting application/json
+
+
+ Response status code is not 200
+
+ ```json
+ {
+ "status": 400,
+ "statusText": "Bad Request",
+ "headers": {
+ "connection": "close",
+ "content-length": "123",
+ "content-type": "application/json; charset=utf-8",
+ "date": "Tue, 17 Jan 2023 22:27:09 GMT",
+ "etag": "W/\"7b-vh2QJW5nlT/MclH/TbhHlNDXWZE\"",
+ "x-powered-by": "Express"
+ },
+ "body": {
+ "errors": [
+ {
+ "message": "Syntax Error: Invalid number, expected digit but got: \"f\".",
+ "locations": [
+ {
+ "line": 1,
+ "column": 4
+ }
+ ]
+ }
+ ]
+ }
+ }
+ ```
+
+
diff --git a/implementations/graphql-helix/README.md b/implementations/graphql-helix/README.md
index 9c819d2d..c27c87cf 100644
--- a/implementations/graphql-helix/README.md
+++ b/implementations/graphql-helix/README.md
@@ -58,134 +58,798 @@ _* This report was auto-generated by graphql-http_
## Warnings
The server _SHOULD_ support these, but is not required.
-1. SHOULD accept application/graphql-response+json and match the content-type
-```
-Content-Type header "application/json" does not contain "application/graphql-response+json"
-```
-2. SHOULD use 200 status code with errors field on missing {query} parameter when accepting application/json
-```
-Status code 400 is not 200
-```
-3. SHOULD use 200 status code with errors field on object {query} parameter when accepting application/json
-```
-Status code 400 is not 200
-```
-4. SHOULD use 200 status code with errors field on number {query} parameter when accepting application/json
-```
-Status code 400 is not 200
-```
-5. SHOULD use 200 status code with errors field on boolean {query} parameter when accepting application/json
-```
-Status code 400 is not 200
-```
-6. SHOULD use 200 status code with errors field on array {query} parameter when accepting application/json
-```
-Status code 400 is not 200
-```
-7. SHOULD use 200 status code with errors field on object {operationName} parameter when accepting application/json
-```
-Status code 400 is not 200
-```
-8. SHOULD use 200 status code with errors field on number {operationName} parameter when accepting application/json
-```
-Status code 400 is not 200
-```
-9. SHOULD use 200 status code with errors field on boolean {operationName} parameter when accepting application/json
-```
-Status code 400 is not 200
-```
-10. SHOULD use 200 status code with errors field on array {operationName} parameter when accepting application/json
-```
-Status code 400 is not 200
-```
-11. SHOULD use 400 status code on number {variables} parameter when accepting application/graphql-response+json
-```
-Status code 200 is not 400
-```
-12. SHOULD use 400 status code on boolean {variables} parameter when accepting application/graphql-response+json
-```
-Status code 200 is not 400
-```
-13. SHOULD use 400 status code on array {variables} parameter when accepting application/graphql-response+json
-```
-Status code 200 is not 400
-```
-14. SHOULD use 200 status code with errors field on string {variables} parameter when accepting application/json
-```
-Status code 400 is not 200
-```
-15. SHOULD use 200 status code with errors field on number {variables} parameter when accepting application/json
-```
-Execution result {"data":{"__typename":"Query"}} does not have a property 'errors'
-```
-16. SHOULD use 200 status code with errors field on boolean {variables} parameter when accepting application/json
-```
-Execution result {"data":{"__typename":"Query"}} does not have a property 'errors'
-```
-17. SHOULD use 200 status code with errors field on array {variables} parameter when accepting application/json
-```
-Execution result {"data":{"__typename":"Query"}} does not have a property 'errors'
-```
-18. SHOULD use 400 status code on string {extensions} parameter when accepting application/graphql-response+json
-```
-Status code 200 is not 400
-```
-19. SHOULD use 400 status code on number {extensions} parameter when accepting application/graphql-response+json
-```
-Status code 200 is not 400
-```
-20. SHOULD use 400 status code on boolean {extensions} parameter when accepting application/graphql-response+json
-```
-Status code 200 is not 400
-```
-21. SHOULD use 400 status code on array {extensions} parameter when accepting application/graphql-response+json
-```
-Status code 200 is not 400
-```
-22. SHOULD use 200 status code with errors field on string {extensions} parameter when accepting application/json
-```
-Execution result {"data":{"__typename":"Query"}} does not have a property 'errors'
-```
-23. SHOULD use 200 status code with errors field on number {extensions} parameter when accepting application/json
-```
-Execution result {"data":{"__typename":"Query"}} does not have a property 'errors'
-```
-24. SHOULD use 200 status code with errors field on boolean {extensions} parameter when accepting application/json
-```
-Execution result {"data":{"__typename":"Query"}} does not have a property 'errors'
-```
-25. SHOULD use 200 status code with errors field on array {extensions} parameter when accepting application/json
-```
-Execution result {"data":{"__typename":"Query"}} does not have a property 'errors'
-```
-26. SHOULD use 200 status code on JSON parsing failure when accepting application/json
-```
-Status code 400 is not 200
-```
-27. SHOULD use 200 status code if parameters are invalid when accepting application/json
-```
-Status code 400 is not 200
-```
-28. SHOULD use 200 status code on document parsing failure when accepting application/json
-```
-Status code 400 is not 200
-```
-29. SHOULD use 200 status code on document validation failure when accepting application/json
-```
-Status code 400 is not 200
-```
-30. SHOULD not contain the data entry on JSON parsing failure when accepting application/graphql-response+json
-```
-Response body is not valid JSON. Got "\n\n\n\nError\n\n\n
SyntaxError: Unexpected end of JSON input at JSON.parse (<anonymous>) at parse (/home/runner/work/graphql-http/graphql-http/node_modules/body-parser/lib/types/json.js:89:19) at /home/runner/work/graphql-http/graphql-http/node_modules/body-parser/lib/read.js:128:18 at AsyncResource.runInAsyncScope (node:async_hooks:204:9) at invokeCallback (/home/runner/work/graphql-http/graphql-http/node_modules/raw-body/index.js:231:16) at done (/home/runner/work/graphql-http/graphql-http/node_modules/raw-body/index.js:220:7) at IncomingMessage.onEnd (/home/runner/work/graphql-http/graphql-http/node_modules/raw-body/index.js:280:7) at IncomingMessage.emit (node:events:513:28) at endReadableNT (node:internal/streams/rea...
-```
+
+ 1. SHOULD accept application/graphql-response+json and match the content-type
+
+
+ Response header content-type does not contain application/graphql-response+json
+
+ ```json
+ {
+ "status": 200,
+ "statusText": "OK",
+ "headers": {
+ "connection": "close",
+ "content-length": "31",
+ "content-type": "application/json",
+ "date": "Tue, 17 Jan 2023 22:26:58 GMT",
+ "x-powered-by": "Express"
+ },
+ "body": {
+ "data": {
+ "__typename": "Query"
+ }
+ }
+ }
+ ```
+
+
+ 2. SHOULD use 200 status code with errors field on missing {query} parameter when accepting application/json
+
+
+ Response status code is not 200
+
+ ```json
+ {
+ "status": 400,
+ "statusText": "Bad Request",
+ "headers": {
+ "connection": "close",
+ "content-length": "53",
+ "content-type": "application/json",
+ "date": "Tue, 17 Jan 2023 22:26:58 GMT",
+ "x-powered-by": "Express"
+ },
+ "body": {
+ "errors": [
+ {
+ "message": "Must provide query string."
+ }
+ ]
+ }
+ }
+ ```
+
+
+ 3. SHOULD use 200 status code with errors field on object {query} parameter when accepting application/json
+
+
+ Response status code is not 200
+
+ ```json
+ {
+ "status": 400,
+ "statusText": "Bad Request",
+ "headers": {
+ "connection": "close",
+ "content-length": "15",
+ "content-type": "application/json",
+ "date": "Tue, 17 Jan 2023 22:26:58 GMT",
+ "x-powered-by": "Express"
+ },
+ "body": {
+ "errors": [
+ {}
+ ]
+ }
+ }
+ ```
+
+
+ 4. SHOULD use 200 status code with errors field on number {query} parameter when accepting application/json
+
+
+ Response status code is not 200
+
+ ```json
+ {
+ "status": 400,
+ "statusText": "Bad Request",
+ "headers": {
+ "connection": "close",
+ "content-length": "15",
+ "content-type": "application/json",
+ "date": "Tue, 17 Jan 2023 22:26:58 GMT",
+ "x-powered-by": "Express"
+ },
+ "body": {
+ "errors": [
+ {}
+ ]
+ }
+ }
+ ```
+
+
+ 5. SHOULD use 200 status code with errors field on boolean {query} parameter when accepting application/json
+
+
+ Response status code is not 200
+
+ ```json
+ {
+ "status": 400,
+ "statusText": "Bad Request",
+ "headers": {
+ "connection": "close",
+ "content-length": "15",
+ "content-type": "application/json",
+ "date": "Tue, 17 Jan 2023 22:26:58 GMT",
+ "x-powered-by": "Express"
+ },
+ "body": {
+ "errors": [
+ {}
+ ]
+ }
+ }
+ ```
+
+
+ 6. SHOULD use 200 status code with errors field on array {query} parameter when accepting application/json
+
+
+ Response status code is not 200
+
+ ```json
+ {
+ "status": 400,
+ "statusText": "Bad Request",
+ "headers": {
+ "connection": "close",
+ "content-length": "15",
+ "content-type": "application/json",
+ "date": "Tue, 17 Jan 2023 22:26:58 GMT",
+ "x-powered-by": "Express"
+ },
+ "body": {
+ "errors": [
+ {}
+ ]
+ }
+ }
+ ```
+
+
+ 7. SHOULD use 200 status code with errors field on object {operationName} parameter when accepting application/json
+
+
+ Response status code is not 200
+
+ ```json
+ {
+ "status": 400,
+ "statusText": "Bad Request",
+ "headers": {
+ "connection": "close",
+ "content-length": "73",
+ "content-type": "application/json",
+ "date": "Tue, 17 Jan 2023 22:26:58 GMT",
+ "x-powered-by": "Express"
+ },
+ "body": {
+ "errors": [
+ {
+ "message": "Could not determine what operation to execute."
+ }
+ ]
+ }
+ }
+ ```
+
+
+ 8. SHOULD use 200 status code with errors field on number {operationName} parameter when accepting application/json
+
+
+ Response status code is not 200
+
+ ```json
+ {
+ "status": 400,
+ "statusText": "Bad Request",
+ "headers": {
+ "connection": "close",
+ "content-length": "73",
+ "content-type": "application/json",
+ "date": "Tue, 17 Jan 2023 22:26:58 GMT",
+ "x-powered-by": "Express"
+ },
+ "body": {
+ "errors": [
+ {
+ "message": "Could not determine what operation to execute."
+ }
+ ]
+ }
+ }
+ ```
+
+
+ 9. SHOULD use 200 status code with errors field on boolean {operationName} parameter when accepting application/json
+
+
+ Response status code is not 200
+
+ ```json
+ {
+ "status": 400,
+ "statusText": "Bad Request",
+ "headers": {
+ "connection": "close",
+ "content-length": "73",
+ "content-type": "application/json",
+ "date": "Tue, 17 Jan 2023 22:26:58 GMT",
+ "x-powered-by": "Express"
+ },
+ "body": {
+ "errors": [
+ {
+ "message": "Could not determine what operation to execute."
+ }
+ ]
+ }
+ }
+ ```
+
+
+ 10. SHOULD use 200 status code with errors field on array {operationName} parameter when accepting application/json
+
+
+ Response status code is not 200
+
+ ```json
+ {
+ "status": 400,
+ "statusText": "Bad Request",
+ "headers": {
+ "connection": "close",
+ "content-length": "73",
+ "content-type": "application/json",
+ "date": "Tue, 17 Jan 2023 22:26:58 GMT",
+ "x-powered-by": "Express"
+ },
+ "body": {
+ "errors": [
+ {
+ "message": "Could not determine what operation to execute."
+ }
+ ]
+ }
+ }
+ ```
+
+
+ 11. SHOULD use 400 status code on number {variables} parameter when accepting application/graphql-response+json
+
+
+ Response status code is not 400
+
+ ```json
+ {
+ "status": 200,
+ "statusText": "OK",
+ "headers": {
+ "connection": "close",
+ "content-length": "31",
+ "content-type": "application/json",
+ "date": "Tue, 17 Jan 2023 22:26:58 GMT",
+ "x-powered-by": "Express"
+ },
+ "body": {
+ "data": {
+ "__typename": "Query"
+ }
+ }
+ }
+ ```
+
+
+ 12. SHOULD use 400 status code on boolean {variables} parameter when accepting application/graphql-response+json
+
+
+ Response status code is not 400
+
+ ```json
+ {
+ "status": 200,
+ "statusText": "OK",
+ "headers": {
+ "connection": "close",
+ "content-length": "31",
+ "content-type": "application/json",
+ "date": "Tue, 17 Jan 2023 22:26:58 GMT",
+ "x-powered-by": "Express"
+ },
+ "body": {
+ "data": {
+ "__typename": "Query"
+ }
+ }
+ }
+ ```
+
+
+ 13. SHOULD use 400 status code on array {variables} parameter when accepting application/graphql-response+json
+
+
+ Response status code is not 400
+
+ ```json
+ {
+ "status": 200,
+ "statusText": "OK",
+ "headers": {
+ "connection": "close",
+ "content-length": "31",
+ "content-type": "application/json",
+ "date": "Tue, 17 Jan 2023 22:26:58 GMT",
+ "x-powered-by": "Express"
+ },
+ "body": {
+ "data": {
+ "__typename": "Query"
+ }
+ }
+ }
+ ```
+
+
+ 14. SHOULD use 200 status code with errors field on string {variables} parameter when accepting application/json
+
+
+ Response status code is not 200
+
+ ```json
+ {
+ "status": 400,
+ "statusText": "Bad Request",
+ "headers": {
+ "connection": "close",
+ "content-length": "54",
+ "content-type": "application/json",
+ "date": "Tue, 17 Jan 2023 22:26:58 GMT",
+ "x-powered-by": "Express"
+ },
+ "body": {
+ "errors": [
+ {
+ "message": "Variables are invalid JSON."
+ }
+ ]
+ }
+ }
+ ```
+
+
+ 15. SHOULD use 200 status code with errors field on number {variables} parameter when accepting application/json
+
+
+ Response body execution result does not have a property "errors"
+
+ ```json
+ {
+ "status": 200,
+ "statusText": "OK",
+ "headers": {
+ "connection": "close",
+ "content-length": "31",
+ "content-type": "application/json",
+ "date": "Tue, 17 Jan 2023 22:26:58 GMT",
+ "x-powered-by": "Express"
+ }
+ }
+ ```
+
+
+ 16. SHOULD use 200 status code with errors field on boolean {variables} parameter when accepting application/json
+
+
+ Response body execution result does not have a property "errors"
+
+ ```json
+ {
+ "status": 200,
+ "statusText": "OK",
+ "headers": {
+ "connection": "close",
+ "content-length": "31",
+ "content-type": "application/json",
+ "date": "Tue, 17 Jan 2023 22:26:58 GMT",
+ "x-powered-by": "Express"
+ }
+ }
+ ```
+
+
+ 17. SHOULD use 200 status code with errors field on array {variables} parameter when accepting application/json
+
+
+ Response body execution result does not have a property "errors"
+
+ ```json
+ {
+ "status": 200,
+ "statusText": "OK",
+ "headers": {
+ "connection": "close",
+ "content-length": "31",
+ "content-type": "application/json",
+ "date": "Tue, 17 Jan 2023 22:26:58 GMT",
+ "x-powered-by": "Express"
+ }
+ }
+ ```
+
+
+ 18. SHOULD use 400 status code on string {extensions} parameter when accepting application/graphql-response+json
+
+
+ Response status code is not 400
+
+ ```json
+ {
+ "status": 200,
+ "statusText": "OK",
+ "headers": {
+ "connection": "close",
+ "content-length": "31",
+ "content-type": "application/json",
+ "date": "Tue, 17 Jan 2023 22:26:58 GMT",
+ "x-powered-by": "Express"
+ },
+ "body": {
+ "data": {
+ "__typename": "Query"
+ }
+ }
+ }
+ ```
+
+
+ 19. SHOULD use 400 status code on number {extensions} parameter when accepting application/graphql-response+json
+
+
+ Response status code is not 400
+
+ ```json
+ {
+ "status": 200,
+ "statusText": "OK",
+ "headers": {
+ "connection": "close",
+ "content-length": "31",
+ "content-type": "application/json",
+ "date": "Tue, 17 Jan 2023 22:26:58 GMT",
+ "x-powered-by": "Express"
+ },
+ "body": {
+ "data": {
+ "__typename": "Query"
+ }
+ }
+ }
+ ```
+
+
+ 20. SHOULD use 400 status code on boolean {extensions} parameter when accepting application/graphql-response+json
+
+
+ Response status code is not 400
+
+ ```json
+ {
+ "status": 200,
+ "statusText": "OK",
+ "headers": {
+ "connection": "close",
+ "content-length": "31",
+ "content-type": "application/json",
+ "date": "Tue, 17 Jan 2023 22:26:58 GMT",
+ "x-powered-by": "Express"
+ },
+ "body": {
+ "data": {
+ "__typename": "Query"
+ }
+ }
+ }
+ ```
+
+
+ 21. SHOULD use 400 status code on array {extensions} parameter when accepting application/graphql-response+json
+
+
+ Response status code is not 400
+
+ ```json
+ {
+ "status": 200,
+ "statusText": "OK",
+ "headers": {
+ "connection": "close",
+ "content-length": "31",
+ "content-type": "application/json",
+ "date": "Tue, 17 Jan 2023 22:26:58 GMT",
+ "x-powered-by": "Express"
+ },
+ "body": {
+ "data": {
+ "__typename": "Query"
+ }
+ }
+ }
+ ```
+
+
+ 22. SHOULD use 200 status code with errors field on string {extensions} parameter when accepting application/json
+
+
+ Response body execution result does not have a property "errors"
+
+ ```json
+ {
+ "status": 200,
+ "statusText": "OK",
+ "headers": {
+ "connection": "close",
+ "content-length": "31",
+ "content-type": "application/json",
+ "date": "Tue, 17 Jan 2023 22:26:58 GMT",
+ "x-powered-by": "Express"
+ }
+ }
+ ```
+
+
+ 23. SHOULD use 200 status code with errors field on number {extensions} parameter when accepting application/json
+
+
+ Response body execution result does not have a property "errors"
+
+ ```json
+ {
+ "status": 200,
+ "statusText": "OK",
+ "headers": {
+ "connection": "close",
+ "content-length": "31",
+ "content-type": "application/json",
+ "date": "Tue, 17 Jan 2023 22:26:58 GMT",
+ "x-powered-by": "Express"
+ }
+ }
+ ```
+
+
+ 24. SHOULD use 200 status code with errors field on boolean {extensions} parameter when accepting application/json
+
+
+ Response body execution result does not have a property "errors"
+
+ ```json
+ {
+ "status": 200,
+ "statusText": "OK",
+ "headers": {
+ "connection": "close",
+ "content-length": "31",
+ "content-type": "application/json",
+ "date": "Tue, 17 Jan 2023 22:26:58 GMT",
+ "x-powered-by": "Express"
+ }
+ }
+ ```
+
+
+ 25. SHOULD use 200 status code with errors field on array {extensions} parameter when accepting application/json
+
+
+ Response body execution result does not have a property "errors"
+
+ ```json
+ {
+ "status": 200,
+ "statusText": "OK",
+ "headers": {
+ "connection": "close",
+ "content-length": "31",
+ "content-type": "application/json",
+ "date": "Tue, 17 Jan 2023 22:26:58 GMT",
+ "x-powered-by": "Express"
+ }
+ }
+ ```
+
+
+ 26. SHOULD use 200 status code on JSON parsing failure when accepting application/json
+
+
+ Response status code is not 200
+
+ ```json
+ {
+ "status": 400,
+ "statusText": "Bad Request",
+ "headers": {
+ "connection": "close",
+ "content-length": "1108",
+ "content-security-policy": "default-src 'none'",
+ "content-type": "text/html; charset=utf-8",
+ "date": "Tue, 17 Jan 2023 22:26:58 GMT",
+ "x-content-type-options": "nosniff",
+ "x-powered-by": "Express"
+ },
+ "body": "\n\n\n\nError\n\n\n
SyntaxError: Unexpected end of JSON input at JSON.parse (<anonymous>) at parse (/home/runner/work/graphql-http/graphql-http/node_modules/body-parser/lib/types/json.js:89:19) at /home/runner/work/graphql-http/graphql-http/node_modules/body-parser/lib/read.js:128:18 at AsyncResource.runInAsyncScope (node:async_hooks:204:9) at invokeCallback (/home/runner/work/graphql-http/graphql-http/node_modules/raw-body/index.js:231:16) at done (/home/runner/work/graphql-http/graphql-http/node_modules/raw-body/index.js:220:7) at IncomingMessage.onEnd (/home/runner/work/graphql-http/graphql-http/node_modules/raw-body/index.js:280:7) at IncomingMessage.emit (node:events:513:28) at endReadableNT (node:internal/streams/readable:1359:12) at process.processTicksAndRejections (node:internal/process/task_queues:82:21)
\n\n\n"
+ }
+ ```
+
+
+ 27. SHOULD use 200 status code if parameters are invalid when accepting application/json
+
+
+ Response status code is not 200
+
+ ```json
+ {
+ "status": 400,
+ "statusText": "Bad Request",
+ "headers": {
+ "connection": "close",
+ "content-length": "53",
+ "content-type": "application/json",
+ "date": "Tue, 17 Jan 2023 22:26:58 GMT",
+ "x-powered-by": "Express"
+ },
+ "body": {
+ "errors": [
+ {
+ "message": "Must provide query string."
+ }
+ ]
+ }
+ }
+ ```
+
+
+ 28. SHOULD use 200 status code on document parsing failure when accepting application/json
+
+
+ Response status code is not 200
+
+ ```json
+ {
+ "status": 400,
+ "statusText": "Bad Request",
+ "headers": {
+ "connection": "close",
+ "content-length": "104",
+ "content-type": "application/json",
+ "date": "Tue, 17 Jan 2023 22:26:58 GMT",
+ "x-powered-by": "Express"
+ },
+ "body": {
+ "errors": [
+ {
+ "message": "Syntax Error: Expected Name, found .",
+ "locations": [
+ {
+ "line": 1,
+ "column": 2
+ }
+ ]
+ }
+ ]
+ }
+ }
+ ```
+
+
+ 29. SHOULD use 200 status code on document validation failure when accepting application/json
+
+
+ Response status code is not 200
+
+ ```json
+ {
+ "status": 400,
+ "statusText": "Bad Request",
+ "headers": {
+ "connection": "close",
+ "content-length": "123",
+ "content-type": "application/json",
+ "date": "Tue, 17 Jan 2023 22:26:58 GMT",
+ "x-powered-by": "Express"
+ },
+ "body": {
+ "errors": [
+ {
+ "message": "Syntax Error: Invalid number, expected digit but got: \"f\".",
+ "locations": [
+ {
+ "line": 1,
+ "column": 4
+ }
+ ]
+ }
+ ]
+ }
+ }
+ ```
+
+
+ 30. SHOULD not contain the data entry on JSON parsing failure when accepting application/graphql-response+json
+
+
+ Response body is not valid JSON
+
+ ```json
+ {
+ "status": 400,
+ "statusText": "Bad Request",
+ "headers": {
+ "connection": "close",
+ "content-length": "1108",
+ "content-security-policy": "default-src 'none'",
+ "content-type": "text/html; charset=utf-8",
+ "date": "Tue, 17 Jan 2023 22:26:58 GMT",
+ "x-content-type-options": "nosniff",
+ "x-powered-by": "Express"
+ }
+ }
+ ```
+
+
## Errors
The server _MUST_ support these.
-1. MUST accept utf-8 encoding
-```
-Content-Type header "application/json" does not contain "utf-8"
-```
-2. MUST assume utf-8 if encoding is unspecified
-```
-Content-Type header "application/json" does not contain "utf-8"
-```
+
+ 1. MUST accept utf-8 encoding
+
+
+ Response header content-type does not contain utf-8
+
+ ```json
+ {
+ "status": 200,
+ "statusText": "OK",
+ "headers": {
+ "connection": "close",
+ "content-length": "31",
+ "content-type": "application/json",
+ "date": "Tue, 17 Jan 2023 22:26:58 GMT",
+ "x-powered-by": "Express"
+ },
+ "body": {
+ "data": {
+ "__typename": "Query"
+ }
+ }
+ }
+ ```
+
+
+ 2. MUST assume utf-8 if encoding is unspecified
+
+
+ Response header content-type does not contain utf-8
+
+ ```json
+ {
+ "status": 200,
+ "statusText": "OK",
+ "headers": {
+ "connection": "close",
+ "content-length": "31",
+ "content-type": "application/json",
+ "date": "Tue, 17 Jan 2023 22:26:58 GMT",
+ "x-powered-by": "Express"
+ },
+ "body": {
+ "data": {
+ "__typename": "Query"
+ }
+ }
+ }
+ ```
+
+
diff --git a/implementations/hotchocolate/README.md b/implementations/hotchocolate/README.md
index 59469345..ce5fac71 100644
--- a/implementations/hotchocolate/README.md
+++ b/implementations/hotchocolate/README.md
@@ -87,12 +87,55 @@ _* This report was auto-generated by graphql-http_
## Warnings
The server _SHOULD_ support these, but is not required.
-1. SHOULD accept \*/\* and use application/json for the content-type
-```
-Content-Type header "application/graphql-response+json;charset=utf-8" does not contain "application/json"
-```
-2. SHOULD assume application/json content-type when accept is missing
-```
-Content-Type header "application/graphql-response+json;charset=utf-8" does not contain "application/json"
-```
+
+ 1. SHOULD accept \*/\* and use application/json for the content-type
+
+
+ Response header content-type does not contain application/json
+
+ ```json
+ {
+ "status": 200,
+ "statusText": "OK",
+ "headers": {
+ "connection": "close",
+ "content-type": "application/graphql-response+json;charset=utf-8",
+ "date": "Tue, 17 Jan 2023 22:27:21 GMT",
+ "server": "Kestrel",
+ "transfer-encoding": "chunked"
+ },
+ "body": {
+ "data": {
+ "__typename": "Query"
+ }
+ }
+ }
+ ```
+
+
+ 2. SHOULD assume application/json content-type when accept is missing
+
+
+ Response header content-type does not contain application/json
+
+ ```json
+ {
+ "status": 200,
+ "statusText": "OK",
+ "headers": {
+ "connection": "close",
+ "content-type": "application/graphql-response+json;charset=utf-8",
+ "date": "Tue, 17 Jan 2023 22:27:22 GMT",
+ "server": "Kestrel",
+ "transfer-encoding": "chunked"
+ },
+ "body": {
+ "data": {
+ "__typename": "Query"
+ }
+ }
+ }
+ ```
+
+
diff --git a/implementations/mercurius/README.md b/implementations/mercurius/README.md
index 3ad6dae7..27863fe7 100644
--- a/implementations/mercurius/README.md
+++ b/implementations/mercurius/README.md
@@ -60,126 +60,791 @@ _* This report was auto-generated by graphql-http_
## Warnings
The server _SHOULD_ support these, but is not required.
-1. SHOULD accept application/graphql-response+json and match the content-type
-```
-Content-Type header "application/json; charset=utf-8" does not contain "application/graphql-response+json"
-```
-2. SHOULD use 200 status code with errors field on missing {query} parameter when accepting application/json
-```
-Status code 400 is not 200
-```
-3. SHOULD use 200 status code with errors field on object {query} parameter when accepting application/json
-```
-Status code 400 is not 200
-```
-4. SHOULD use 200 status code with errors field on number {query} parameter when accepting application/json
-```
-Status code 400 is not 200
-```
-5. SHOULD use 200 status code with errors field on boolean {query} parameter when accepting application/json
-```
-Status code 400 is not 200
-```
-6. SHOULD use 200 status code with errors field on array {query} parameter when accepting application/json
-```
-Status code 400 is not 200
-```
-7. SHOULD use 400 status code on number {operationName} parameter when accepting application/graphql-response+json
-```
-Status code 200 is not 400
-```
-8. SHOULD use 400 status code on boolean {operationName} parameter when accepting application/graphql-response+json
-```
-Status code 200 is not 400
-```
-9. SHOULD use 200 status code with errors field on object {operationName} parameter when accepting application/json
-```
-Status code 400 is not 200
-```
-10. SHOULD use 200 status code with errors field on array {operationName} parameter when accepting application/json
-```
-Status code 400 is not 200
-```
-11. SHOULD allow null {extensions} parameter when accepting application/graphql-response+json
-```
-Status code 400 is not 200
-```
-12. SHOULD use 400 status code on number {variables} parameter when accepting application/graphql-response+json
-```
-Status code 200 is not 400
-```
-13. SHOULD use 400 status code on boolean {variables} parameter when accepting application/graphql-response+json
-```
-Status code 200 is not 400
-```
-14. SHOULD use 200 status code with errors field on string {variables} parameter when accepting application/json
-```
-Status code 400 is not 200
-```
-15. SHOULD use 200 status code with errors field on number {variables} parameter when accepting application/json
-```
-Execution result {"data":{"__typename":"Query"}} does not have a property 'errors'
-```
-16. SHOULD use 200 status code with errors field on boolean {variables} parameter when accepting application/json
-```
-Execution result {"data":{"__typename":"Query"}} does not have a property 'errors'
-```
-17. SHOULD use 200 status code with errors field on array {variables} parameter when accepting application/json
-```
-Status code 400 is not 200
-```
-18. SHOULD use 200 status code with errors field on string {extensions} parameter when accepting application/json
-```
-Status code 400 is not 200
-```
-19. SHOULD use 200 status code with errors field on number {extensions} parameter when accepting application/json
-```
-Status code 400 is not 200
-```
-20. SHOULD use 200 status code with errors field on boolean {extensions} parameter when accepting application/json
-```
-Status code 400 is not 200
-```
-21. SHOULD use 200 status code with errors field on array {extensions} parameter when accepting application/json
-```
-Status code 400 is not 200
-```
-22. SHOULD use 200 status code on JSON parsing failure when accepting application/json
-```
-Status code 400 is not 200
-```
-23. SHOULD use 200 status code if parameters are invalid when accepting application/json
-```
-Status code 400 is not 200
-```
-24. SHOULD use 200 status code on document parsing failure when accepting application/json
-```
-Status code 400 is not 200
-```
-25. SHOULD use 200 status code on document validation failure when accepting application/json
-```
-Status code 400 is not 200
-```
-26. SHOULD not contain the data entry on JSON parsing failure when accepting application/graphql-response+json
-```
-Data entry null is not undefined
-```
-27. SHOULD not contain the data entry if parameters are invalid when accepting application/graphql-response+json
-```
-Data entry null is not undefined
-```
-28. SHOULD not contain the data entry on document parsing failure when accepting application/graphql-response+json
-```
-Data entry null is not undefined
-```
-29. SHOULD not contain the data entry on document validation failure when accepting application/graphql-response+json
-```
-Data entry null is not undefined
-```
+
+ 1. SHOULD accept application/graphql-response+json and match the content-type
+
+
+ Response header content-type does not contain application/graphql-response+json
+
+ ```json
+ {
+ "status": 200,
+ "statusText": "OK",
+ "headers": {
+ "connection": "close",
+ "content-length": "31",
+ "content-type": "application/json; charset=utf-8",
+ "date": "Tue, 17 Jan 2023 22:27:00 GMT"
+ },
+ "body": {
+ "data": {
+ "__typename": "Query"
+ }
+ }
+ }
+ ```
+
+
+ 2. SHOULD use 200 status code with errors field on missing {query} parameter when accepting application/json
+
+
+ Response status code is not 200
+
+ ```json
+ {
+ "status": 400,
+ "statusText": "Bad Request",
+ "headers": {
+ "connection": "close",
+ "content-length": "52",
+ "content-type": "application/json; charset=utf-8",
+ "date": "Tue, 17 Jan 2023 22:27:00 GMT"
+ },
+ "body": {
+ "data": null,
+ "errors": [
+ {
+ "message": "Unknown query"
+ }
+ ]
+ }
+ }
+ ```
+
+
+ 3. SHOULD use 200 status code with errors field on object {query} parameter when accepting application/json
+
+
+ Response status code is not 200
+
+ ```json
+ {
+ "status": 400,
+ "statusText": "Bad Request",
+ "headers": {
+ "connection": "close",
+ "content-length": "64",
+ "content-type": "application/json; charset=utf-8",
+ "date": "Tue, 17 Jan 2023 22:27:00 GMT"
+ },
+ "body": {
+ "data": null,
+ "errors": [
+ {
+ "message": "body/query must be string"
+ }
+ ]
+ }
+ }
+ ```
+
+
+ 4. SHOULD use 200 status code with errors field on number {query} parameter when accepting application/json
+
+
+ Response status code is not 200
+
+ ```json
+ {
+ "status": 400,
+ "statusText": "Bad Request",
+ "headers": {
+ "connection": "close",
+ "content-length": "110",
+ "content-type": "application/json; charset=utf-8",
+ "date": "Tue, 17 Jan 2023 22:27:00 GMT"
+ },
+ "body": {
+ "data": null,
+ "errors": [
+ {
+ "message": "Syntax Error: Unexpected Int \"0\".",
+ "locations": [
+ {
+ "line": 1,
+ "column": 1
+ }
+ ]
+ }
+ ]
+ }
+ }
+ ```
+
+
+ 5. SHOULD use 200 status code with errors field on boolean {query} parameter when accepting application/json
+
+
+ Response status code is not 200
+
+ ```json
+ {
+ "status": 400,
+ "statusText": "Bad Request",
+ "headers": {
+ "connection": "close",
+ "content-length": "115",
+ "content-type": "application/json; charset=utf-8",
+ "date": "Tue, 17 Jan 2023 22:27:00 GMT"
+ },
+ "body": {
+ "data": null,
+ "errors": [
+ {
+ "message": "Syntax Error: Unexpected Name \"false\".",
+ "locations": [
+ {
+ "line": 1,
+ "column": 1
+ }
+ ]
+ }
+ ]
+ }
+ }
+ ```
+
+
+ 6. SHOULD use 200 status code with errors field on array {query} parameter when accepting application/json
+
+
+ Response status code is not 200
+
+ ```json
+ {
+ "status": 400,
+ "statusText": "Bad Request",
+ "headers": {
+ "connection": "close",
+ "content-length": "115",
+ "content-type": "application/json; charset=utf-8",
+ "date": "Tue, 17 Jan 2023 22:27:00 GMT"
+ },
+ "body": {
+ "data": null,
+ "errors": [
+ {
+ "message": "Syntax Error: Unexpected Name \"array\".",
+ "locations": [
+ {
+ "line": 1,
+ "column": 1
+ }
+ ]
+ }
+ ]
+ }
+ }
+ ```
+
+
+ 7. SHOULD use 400 status code on number {operationName} parameter when accepting application/graphql-response+json
+
+
+ Response status code is not 400
+
+ ```json
+ {
+ "status": 200,
+ "statusText": "OK",
+ "headers": {
+ "connection": "close",
+ "content-length": "69",
+ "content-type": "application/json; charset=utf-8",
+ "date": "Tue, 17 Jan 2023 22:27:00 GMT"
+ },
+ "body": {
+ "data": null,
+ "errors": [
+ {
+ "message": "Unknown operation named \"0\"."
+ }
+ ]
+ }
+ }
+ ```
+
+
+ 8. SHOULD use 400 status code on boolean {operationName} parameter when accepting application/graphql-response+json
+
+
+ Response status code is not 400
+
+ ```json
+ {
+ "status": 200,
+ "statusText": "OK",
+ "headers": {
+ "connection": "close",
+ "content-length": "73",
+ "content-type": "application/json; charset=utf-8",
+ "date": "Tue, 17 Jan 2023 22:27:00 GMT"
+ },
+ "body": {
+ "data": null,
+ "errors": [
+ {
+ "message": "Unknown operation named \"false\"."
+ }
+ ]
+ }
+ }
+ ```
+
+
+ 9. SHOULD use 200 status code with errors field on object {operationName} parameter when accepting application/json
+
+
+ Response status code is not 200
+
+ ```json
+ {
+ "status": 400,
+ "statusText": "Bad Request",
+ "headers": {
+ "connection": "close",
+ "content-length": "77",
+ "content-type": "application/json; charset=utf-8",
+ "date": "Tue, 17 Jan 2023 22:27:00 GMT"
+ },
+ "body": {
+ "data": null,
+ "errors": [
+ {
+ "message": "body/operationName must be string,null"
+ }
+ ]
+ }
+ }
+ ```
+
+
+ 10. SHOULD use 200 status code with errors field on array {operationName} parameter when accepting application/json
+
+
+ Response status code is not 200
+
+ ```json
+ {
+ "status": 400,
+ "statusText": "Bad Request",
+ "headers": {
+ "connection": "close",
+ "content-length": "77",
+ "content-type": "application/json; charset=utf-8",
+ "date": "Tue, 17 Jan 2023 22:27:00 GMT"
+ },
+ "body": {
+ "data": null,
+ "errors": [
+ {
+ "message": "body/operationName must be string,null"
+ }
+ ]
+ }
+ }
+ ```
+
+
+ 11. SHOULD allow null {extensions} parameter when accepting application/graphql-response+json
+
+
+ Response status code is not 200
+
+ ```json
+ {
+ "status": 400,
+ "statusText": "Bad Request",
+ "headers": {
+ "connection": "close",
+ "content-length": "69",
+ "content-type": "application/json; charset=utf-8",
+ "date": "Tue, 17 Jan 2023 22:27:00 GMT"
+ },
+ "body": {
+ "data": null,
+ "errors": [
+ {
+ "message": "body/extensions must be object"
+ }
+ ]
+ }
+ }
+ ```
+
+
+ 12. SHOULD use 400 status code on number {variables} parameter when accepting application/graphql-response+json
+
+
+ Response status code is not 400
+
+ ```json
+ {
+ "status": 200,
+ "statusText": "OK",
+ "headers": {
+ "connection": "close",
+ "content-length": "31",
+ "content-type": "application/json; charset=utf-8",
+ "date": "Tue, 17 Jan 2023 22:27:00 GMT"
+ },
+ "body": {
+ "data": {
+ "__typename": "Query"
+ }
+ }
+ }
+ ```
+
+
+ 13. SHOULD use 400 status code on boolean {variables} parameter when accepting application/graphql-response+json
+
+
+ Response status code is not 400
+
+ ```json
+ {
+ "status": 200,
+ "statusText": "OK",
+ "headers": {
+ "connection": "close",
+ "content-length": "31",
+ "content-type": "application/json; charset=utf-8",
+ "date": "Tue, 17 Jan 2023 22:27:00 GMT"
+ },
+ "body": {
+ "data": {
+ "__typename": "Query"
+ }
+ }
+ }
+ ```
+
+
+ 14. SHOULD use 200 status code with errors field on string {variables} parameter when accepting application/json
+
+
+ Response status code is not 200
+
+ ```json
+ {
+ "status": 400,
+ "statusText": "Bad Request",
+ "headers": {
+ "connection": "close",
+ "content-length": "73",
+ "content-type": "application/json; charset=utf-8",
+ "date": "Tue, 17 Jan 2023 22:27:00 GMT"
+ },
+ "body": {
+ "data": null,
+ "errors": [
+ {
+ "message": "body/variables must be object,null"
+ }
+ ]
+ }
+ }
+ ```
+
+
+ 15. SHOULD use 200 status code with errors field on number {variables} parameter when accepting application/json
+
+
+ Response body execution result does not have a property "errors"
+
+ ```json
+ {
+ "status": 200,
+ "statusText": "OK",
+ "headers": {
+ "connection": "close",
+ "content-length": "31",
+ "content-type": "application/json; charset=utf-8",
+ "date": "Tue, 17 Jan 2023 22:27:00 GMT"
+ }
+ }
+ ```
+
+
+ 16. SHOULD use 200 status code with errors field on boolean {variables} parameter when accepting application/json
+
+
+ Response body execution result does not have a property "errors"
+
+ ```json
+ {
+ "status": 200,
+ "statusText": "OK",
+ "headers": {
+ "connection": "close",
+ "content-length": "31",
+ "content-type": "application/json; charset=utf-8",
+ "date": "Tue, 17 Jan 2023 22:27:00 GMT"
+ }
+ }
+ ```
+
+
+ 17. SHOULD use 200 status code with errors field on array {variables} parameter when accepting application/json
+
+
+ Response status code is not 200
+
+ ```json
+ {
+ "status": 400,
+ "statusText": "Bad Request",
+ "headers": {
+ "connection": "close",
+ "content-length": "73",
+ "content-type": "application/json; charset=utf-8",
+ "date": "Tue, 17 Jan 2023 22:27:00 GMT"
+ },
+ "body": {
+ "data": null,
+ "errors": [
+ {
+ "message": "body/variables must be object,null"
+ }
+ ]
+ }
+ }
+ ```
+
+
+ 18. SHOULD use 200 status code with errors field on string {extensions} parameter when accepting application/json
+
+
+ Response status code is not 200
+
+ ```json
+ {
+ "status": 400,
+ "statusText": "Bad Request",
+ "headers": {
+ "connection": "close",
+ "content-length": "69",
+ "content-type": "application/json; charset=utf-8",
+ "date": "Tue, 17 Jan 2023 22:27:00 GMT"
+ },
+ "body": {
+ "data": null,
+ "errors": [
+ {
+ "message": "body/extensions must be object"
+ }
+ ]
+ }
+ }
+ ```
+
+
+ 19. SHOULD use 200 status code with errors field on number {extensions} parameter when accepting application/json
+
+
+ Response status code is not 200
+
+ ```json
+ {
+ "status": 400,
+ "statusText": "Bad Request",
+ "headers": {
+ "connection": "close",
+ "content-length": "69",
+ "content-type": "application/json; charset=utf-8",
+ "date": "Tue, 17 Jan 2023 22:27:00 GMT"
+ },
+ "body": {
+ "data": null,
+ "errors": [
+ {
+ "message": "body/extensions must be object"
+ }
+ ]
+ }
+ }
+ ```
+
+
+ 20. SHOULD use 200 status code with errors field on boolean {extensions} parameter when accepting application/json
+
+
+ Response status code is not 200
+
+ ```json
+ {
+ "status": 400,
+ "statusText": "Bad Request",
+ "headers": {
+ "connection": "close",
+ "content-length": "69",
+ "content-type": "application/json; charset=utf-8",
+ "date": "Tue, 17 Jan 2023 22:27:00 GMT"
+ },
+ "body": {
+ "data": null,
+ "errors": [
+ {
+ "message": "body/extensions must be object"
+ }
+ ]
+ }
+ }
+ ```
+
+
+ 21. SHOULD use 200 status code with errors field on array {extensions} parameter when accepting application/json
+
+
+ Response status code is not 200
+
+ ```json
+ {
+ "status": 400,
+ "statusText": "Bad Request",
+ "headers": {
+ "connection": "close",
+ "content-length": "69",
+ "content-type": "application/json; charset=utf-8",
+ "date": "Tue, 17 Jan 2023 22:27:00 GMT"
+ },
+ "body": {
+ "data": null,
+ "errors": [
+ {
+ "message": "body/extensions must be object"
+ }
+ ]
+ }
+ }
+ ```
+
+
+ 22. SHOULD use 200 status code on JSON parsing failure when accepting application/json
+
+
+ Response status code is not 200
+
+ ```json
+ {
+ "status": 400,
+ "statusText": "Bad Request",
+ "headers": {
+ "connection": "close",
+ "content-length": "67",
+ "content-type": "application/json; charset=utf-8",
+ "date": "Tue, 17 Jan 2023 22:27:00 GMT"
+ },
+ "body": {
+ "data": null,
+ "errors": [
+ {
+ "message": "Unexpected end of JSON input"
+ }
+ ]
+ }
+ }
+ ```
+
+
+ 23. SHOULD use 200 status code if parameters are invalid when accepting application/json
+
+
+ Response status code is not 200
+
+ ```json
+ {
+ "status": 400,
+ "statusText": "Bad Request",
+ "headers": {
+ "connection": "close",
+ "content-length": "52",
+ "content-type": "application/json; charset=utf-8",
+ "date": "Tue, 17 Jan 2023 22:27:00 GMT"
+ },
+ "body": {
+ "data": null,
+ "errors": [
+ {
+ "message": "Unknown query"
+ }
+ ]
+ }
+ }
+ ```
+
+
+ 24. SHOULD use 200 status code on document parsing failure when accepting application/json
+
+
+ Response status code is not 200
+
+ ```json
+ {
+ "status": 400,
+ "statusText": "Bad Request",
+ "headers": {
+ "connection": "close",
+ "content-length": "116",
+ "content-type": "application/json; charset=utf-8",
+ "date": "Tue, 17 Jan 2023 22:27:00 GMT"
+ },
+ "body": {
+ "data": null,
+ "errors": [
+ {
+ "message": "Syntax Error: Expected Name, found .",
+ "locations": [
+ {
+ "line": 1,
+ "column": 2
+ }
+ ]
+ }
+ ]
+ }
+ }
+ ```
+
+
+ 25. SHOULD use 200 status code on document validation failure when accepting application/json
+
+
+ Response status code is not 200
+
+ ```json
+ {
+ "status": 400,
+ "statusText": "Bad Request",
+ "headers": {
+ "connection": "close",
+ "content-length": "135",
+ "content-type": "application/json; charset=utf-8",
+ "date": "Tue, 17 Jan 2023 22:27:00 GMT"
+ },
+ "body": {
+ "data": null,
+ "errors": [
+ {
+ "message": "Syntax Error: Invalid number, expected digit but got: \"f\".",
+ "locations": [
+ {
+ "line": 1,
+ "column": 4
+ }
+ ]
+ }
+ ]
+ }
+ }
+ ```
+
+
+ 26. SHOULD not contain the data entry on JSON parsing failure when accepting application/graphql-response+json
+
+
+ Response body execution result data is not "undefined"
+
+ ```json
+ {
+ "status": 400,
+ "statusText": "Bad Request",
+ "headers": {
+ "connection": "close",
+ "content-length": "67",
+ "content-type": "application/json; charset=utf-8",
+ "date": "Tue, 17 Jan 2023 22:27:00 GMT"
+ }
+ }
+ ```
+
+
+ 27. SHOULD not contain the data entry if parameters are invalid when accepting application/graphql-response+json
+
+
+ Response body execution result data is not "undefined"
+
+ ```json
+ {
+ "status": 400,
+ "statusText": "Bad Request",
+ "headers": {
+ "connection": "close",
+ "content-length": "52",
+ "content-type": "application/json; charset=utf-8",
+ "date": "Tue, 17 Jan 2023 22:27:00 GMT"
+ }
+ }
+ ```
+
+
+ 28. SHOULD not contain the data entry on document parsing failure when accepting application/graphql-response+json
+
+
+ Response body execution result data is not "undefined"
+
+ ```json
+ {
+ "status": 400,
+ "statusText": "Bad Request",
+ "headers": {
+ "connection": "close",
+ "content-length": "116",
+ "content-type": "application/json; charset=utf-8",
+ "date": "Tue, 17 Jan 2023 22:27:00 GMT"
+ }
+ }
+ ```
+
+
+ 29. SHOULD not contain the data entry on document validation failure when accepting application/graphql-response+json
+
+
+ Response body execution result data is not "undefined"
+
+ ```json
+ {
+ "status": 400,
+ "statusText": "Bad Request",
+ "headers": {
+ "connection": "close",
+ "content-length": "135",
+ "content-type": "application/json; charset=utf-8",
+ "date": "Tue, 17 Jan 2023 22:27:00 GMT"
+ }
+ }
+ ```
+
+
## Errors
The server _MUST_ support these.
-1. MUST allow null {extensions} parameter when accepting application/json
-```
-Status code 400 is not 200
-```
+
+ 1. MUST allow null {extensions} parameter when accepting application/json
+
+
+ Response status code is not 200
+
+ ```json
+ {
+ "status": 400,
+ "statusText": "Bad Request",
+ "headers": {
+ "connection": "close",
+ "content-length": "69",
+ "content-type": "application/json; charset=utf-8",
+ "date": "Tue, 17 Jan 2023 22:27:00 GMT"
+ },
+ "body": {
+ "data": null,
+ "errors": [
+ {
+ "message": "body/extensions must be object"
+ }
+ ]
+ }
+ }
+ ```
+
+
diff --git a/implementations/pioneer/README.md b/implementations/pioneer/README.md
index 2151f612..5d4f0a54 100644
--- a/implementations/pioneer/README.md
+++ b/implementations/pioneer/README.md
@@ -86,16 +86,86 @@ _* This report was auto-generated by graphql-http_
## Warnings
The server _SHOULD_ support these, but is not required.
-1. SHOULD use 200 status code on JSON parsing failure when accepting application/json
-```
-Status code 400 is not 200
-```
-2. SHOULD use 200 status code on document parsing failure when accepting application/json
-```
-Status code 400 is not 200
-```
-3. SHOULD use 200 status code on document validation failure when accepting application/json
-```
-Status code 400 is not 200
-```
+
+ 1. SHOULD use 200 status code on JSON parsing failure when accepting application/json
+
+
+ Response status code is not 200
+
+ ```json
+ {
+ "status": 400,
+ "statusText": "Bad Request",
+ "headers": {
+ "connection": "close",
+ "content-length": "57",
+ "content-type": "application/json; charset=utf-8",
+ "date": "Tue, 17 Jan 2023 22:30:17 GMT"
+ },
+ "body": {
+ "errors": [
+ {
+ "message": "Unable to parse JSON",
+ "path": []
+ }
+ ]
+ }
+ }
+ ```
+
+
+ 2. SHOULD use 200 status code on document parsing failure when accepting application/json
+
+
+ Response status code is not 200
+
+ ```json
+ {
+ "status": 400,
+ "statusText": "Bad Request",
+ "headers": {
+ "connection": "close",
+ "content-length": "95",
+ "content-type": "application/json; charset=utf-8",
+ "date": "Tue, 17 Jan 2023 22:30:17 GMT"
+ },
+ "body": {
+ "errors": [
+ {
+ "message": "Operation of this type is not allowed and has been blocked",
+ "path": []
+ }
+ ]
+ }
+ }
+ ```
+
+
+ 3. SHOULD use 200 status code on document validation failure when accepting application/json
+
+
+ Response status code is not 200
+
+ ```json
+ {
+ "status": 400,
+ "statusText": "Bad Request",
+ "headers": {
+ "connection": "close",
+ "content-length": "95",
+ "content-type": "application/json; charset=utf-8",
+ "date": "Tue, 17 Jan 2023 22:30:17 GMT"
+ },
+ "body": {
+ "errors": [
+ {
+ "message": "Operation of this type is not allowed and has been blocked",
+ "path": []
+ }
+ ]
+ }
+ }
+ ```
+
+
diff --git a/implementations/postgraphile/README.md b/implementations/postgraphile/README.md
index 56c24391..fe1a4fd4 100644
--- a/implementations/postgraphile/README.md
+++ b/implementations/postgraphile/README.md
@@ -56,136 +56,832 @@ _* This report was auto-generated by graphql-http_
## Warnings
The server _SHOULD_ support these, but is not required.
-1. SHOULD accept application/graphql-response+json and match the content-type
-```
-Content-Type header "application/json; charset=utf-8" does not contain "application/graphql-response+json"
-```
-2. SHOULD assume application/json content-type when accept is missing
-```
-Status code 405 is not 200
-```
-3. MAY accept application/x-www-form-urlencoded formatted GET requests
-```
-Status code 405 is not 200
-```
-4. SHOULD use 200 status code with errors field on missing {query} parameter when accepting application/json
-```
-Status code 400 is not 200
-```
-5. SHOULD use 400 status code on object {query} parameter when accepting application/graphql-response+json
-```
-Status code 500 is not 400
-```
-6. SHOULD use 400 status code on array {query} parameter when accepting application/graphql-response+json
-```
-Status code 500 is not 400
-```
-7. SHOULD use 200 status code with errors field on object {query} parameter when accepting application/json
-```
-Status code 500 is not 200
-```
-8. SHOULD use 200 status code with errors field on number {query} parameter when accepting application/json
-```
-Status code 400 is not 200
-```
-9. SHOULD use 200 status code with errors field on boolean {query} parameter when accepting application/json
-```
-Status code 400 is not 200
-```
-10. SHOULD use 200 status code with errors field on array {query} parameter when accepting application/json
-```
-Status code 500 is not 200
-```
-11. SHOULD use 200 status code with errors field on object {operationName} parameter when accepting application/json
-```
-Status code 400 is not 200
-```
-12. SHOULD use 200 status code with errors field on number {operationName} parameter when accepting application/json
-```
-Status code 400 is not 200
-```
-13. SHOULD use 200 status code with errors field on boolean {operationName} parameter when accepting application/json
-```
-Status code 400 is not 200
-```
-14. SHOULD use 200 status code with errors field on array {operationName} parameter when accepting application/json
-```
-Status code 400 is not 200
-```
-15. SHOULD use 400 status code on array {variables} parameter when accepting application/graphql-response+json
-```
-Status code 200 is not 400
-```
-16. SHOULD use 200 status code with errors field on string {variables} parameter when accepting application/json
-```
-Status code 400 is not 200
-```
-17. SHOULD use 200 status code with errors field on number {variables} parameter when accepting application/json
-```
-Status code 400 is not 200
-```
-18. SHOULD use 200 status code with errors field on boolean {variables} parameter when accepting application/json
-```
-Status code 400 is not 200
-```
-19. SHOULD use 200 status code with errors field on array {variables} parameter when accepting application/json
-```
-Execution result {"data":{"__typename":"Query"}} does not have a property 'errors'
-```
-20. MAY allow URL-encoded JSON string {variables} parameter in GETs when accepting application/graphql-response+json
-```
-Status code 405 is not 200
-```
-21. MAY allow URL-encoded JSON string {variables} parameter in GETs when accepting application/json
-```
-Status code 405 is not 200
-```
-22. SHOULD use 400 status code on string {extensions} parameter when accepting application/graphql-response+json
-```
-Status code 200 is not 400
-```
-23. SHOULD use 400 status code on number {extensions} parameter when accepting application/graphql-response+json
-```
-Status code 200 is not 400
-```
-24. SHOULD use 400 status code on boolean {extensions} parameter when accepting application/graphql-response+json
-```
-Status code 200 is not 400
-```
-25. SHOULD use 400 status code on array {extensions} parameter when accepting application/graphql-response+json
-```
-Status code 200 is not 400
-```
-26. SHOULD use 200 status code with errors field on string {extensions} parameter when accepting application/json
-```
-Execution result {"data":{"__typename":"Query"}} does not have a property 'errors'
-```
-27. SHOULD use 200 status code with errors field on number {extensions} parameter when accepting application/json
-```
-Execution result {"data":{"__typename":"Query"}} does not have a property 'errors'
-```
-28. SHOULD use 200 status code with errors field on boolean {extensions} parameter when accepting application/json
-```
-Execution result {"data":{"__typename":"Query"}} does not have a property 'errors'
-```
-29. SHOULD use 200 status code with errors field on array {extensions} parameter when accepting application/json
-```
-Execution result {"data":{"__typename":"Query"}} does not have a property 'errors'
-```
-30. SHOULD use 200 status code on JSON parsing failure when accepting application/json
-```
-Status code 400 is not 200
-```
-31. SHOULD use 200 status code if parameters are invalid when accepting application/json
-```
-Status code 400 is not 200
-```
-32. SHOULD use 200 status code on document parsing failure when accepting application/json
-```
-Status code 400 is not 200
-```
-33. SHOULD use 200 status code on document validation failure when accepting application/json
-```
-Status code 400 is not 200
-```
+
+ 1. SHOULD accept application/graphql-response+json and match the content-type
+
+
+ Response header content-type does not contain application/graphql-response+json
+
+ ```json
+ {
+ "status": 200,
+ "statusText": "OK",
+ "headers": {
+ "connection": "close",
+ "content-length": "31",
+ "content-type": "application/json; charset=utf-8",
+ "date": "Tue, 17 Jan 2023 22:27:36 GMT"
+ },
+ "body": {
+ "data": {
+ "__typename": "Query"
+ }
+ }
+ }
+ ```
+
+
+ 2. SHOULD assume application/json content-type when accept is missing
+
+
+ Response status code is not 200
+
+ ```json
+ {
+ "status": 405,
+ "statusText": "Method Not Allowed",
+ "headers": {
+ "allow": "POST, OPTIONS",
+ "connection": "close",
+ "content-length": "60",
+ "content-type": "application/json; charset=utf-8",
+ "date": "Tue, 17 Jan 2023 22:27:36 GMT"
+ },
+ "body": {
+ "errors": [
+ {
+ "message": "Only `POST` requests are allowed."
+ }
+ ]
+ }
+ }
+ ```
+
+
+ 3. MAY accept application/x-www-form-urlencoded formatted GET requests
+
+
+ Response status code is not 200
+
+ ```json
+ {
+ "status": 405,
+ "statusText": "Method Not Allowed",
+ "headers": {
+ "allow": "POST, OPTIONS",
+ "connection": "close",
+ "content-length": "60",
+ "content-type": "application/json; charset=utf-8",
+ "date": "Tue, 17 Jan 2023 22:27:36 GMT"
+ },
+ "body": {
+ "errors": [
+ {
+ "message": "Only `POST` requests are allowed."
+ }
+ ]
+ }
+ }
+ ```
+
+
+ 4. SHOULD use 200 status code with errors field on missing {query} parameter when accepting application/json
+
+
+ Response status code is not 200
+
+ ```json
+ {
+ "status": 400,
+ "statusText": "Bad Request",
+ "headers": {
+ "connection": "close",
+ "content-length": "55",
+ "content-type": "application/json; charset=utf-8",
+ "date": "Tue, 17 Jan 2023 22:27:36 GMT"
+ },
+ "body": {
+ "errors": [
+ {
+ "message": "Must provide a query string."
+ }
+ ]
+ }
+ }
+ ```
+
+
+ 5. SHOULD use 400 status code on object {query} parameter when accepting application/graphql-response+json
+
+
+ Response status code is not 400
+
+ ```json
+ {
+ "status": 500,
+ "statusText": "Internal Server Error",
+ "headers": {
+ "connection": "close",
+ "content-length": "77",
+ "content-type": "application/json; charset=utf-8",
+ "date": "Tue, 17 Jan 2023 22:27:36 GMT"
+ },
+ "body": {
+ "errors": [
+ {
+ "message": "Body must be a string. Received: { obj: \"ect\" }."
+ }
+ ]
+ }
+ }
+ ```
+
+
+ 6. SHOULD use 400 status code on array {query} parameter when accepting application/graphql-response+json
+
+
+ Response status code is not 400
+
+ ```json
+ {
+ "status": 500,
+ "statusText": "Internal Server Error",
+ "headers": {
+ "connection": "close",
+ "content-length": "152",
+ "content-type": "application/json; charset=utf-8",
+ "date": "Tue, 17 Jan 2023 22:27:36 GMT"
+ },
+ "body": {
+ "errors": [
+ {
+ "message": "The \"data\" argument must be of type string or an instance of Buffer, TypedArray, or DataView. Received an instance of Array"
+ }
+ ]
+ }
+ }
+ ```
+
+
+ 7. SHOULD use 200 status code with errors field on object {query} parameter when accepting application/json
+
+
+ Response status code is not 200
+
+ ```json
+ {
+ "status": 500,
+ "statusText": "Internal Server Error",
+ "headers": {
+ "connection": "close",
+ "content-length": "77",
+ "content-type": "application/json; charset=utf-8",
+ "date": "Tue, 17 Jan 2023 22:27:36 GMT"
+ },
+ "body": {
+ "errors": [
+ {
+ "message": "Body must be a string. Received: { obj: \"ect\" }."
+ }
+ ]
+ }
+ }
+ ```
+
+
+ 8. SHOULD use 200 status code with errors field on number {query} parameter when accepting application/json
+
+
+ Response status code is not 200
+
+ ```json
+ {
+ "status": 400,
+ "statusText": "Bad Request",
+ "headers": {
+ "connection": "close",
+ "content-length": "55",
+ "content-type": "application/json; charset=utf-8",
+ "date": "Tue, 17 Jan 2023 22:27:36 GMT"
+ },
+ "body": {
+ "errors": [
+ {
+ "message": "Must provide a query string."
+ }
+ ]
+ }
+ }
+ ```
+
+
+ 9. SHOULD use 200 status code with errors field on boolean {query} parameter when accepting application/json
+
+
+ Response status code is not 200
+
+ ```json
+ {
+ "status": 400,
+ "statusText": "Bad Request",
+ "headers": {
+ "connection": "close",
+ "content-length": "55",
+ "content-type": "application/json; charset=utf-8",
+ "date": "Tue, 17 Jan 2023 22:27:36 GMT"
+ },
+ "body": {
+ "errors": [
+ {
+ "message": "Must provide a query string."
+ }
+ ]
+ }
+ }
+ ```
+
+
+ 10. SHOULD use 200 status code with errors field on array {query} parameter when accepting application/json
+
+
+ Response status code is not 200
+
+ ```json
+ {
+ "status": 500,
+ "statusText": "Internal Server Error",
+ "headers": {
+ "connection": "close",
+ "content-length": "152",
+ "content-type": "application/json; charset=utf-8",
+ "date": "Tue, 17 Jan 2023 22:27:36 GMT"
+ },
+ "body": {
+ "errors": [
+ {
+ "message": "The \"data\" argument must be of type string or an instance of Buffer, TypedArray, or DataView. Received an instance of Array"
+ }
+ ]
+ }
+ }
+ ```
+
+
+ 11. SHOULD use 200 status code with errors field on object {operationName} parameter when accepting application/json
+
+
+ Response status code is not 200
+
+ ```json
+ {
+ "status": 400,
+ "statusText": "Bad Request",
+ "headers": {
+ "connection": "close",
+ "content-length": "73",
+ "content-type": "application/json; charset=utf-8",
+ "date": "Tue, 17 Jan 2023 22:27:36 GMT"
+ },
+ "body": {
+ "errors": [
+ {
+ "message": "Operation name must be a string, not 'object'."
+ }
+ ]
+ }
+ }
+ ```
+
+
+ 12. SHOULD use 200 status code with errors field on number {operationName} parameter when accepting application/json
+
+
+ Response status code is not 200
+
+ ```json
+ {
+ "status": 400,
+ "statusText": "Bad Request",
+ "headers": {
+ "connection": "close",
+ "content-length": "73",
+ "content-type": "application/json; charset=utf-8",
+ "date": "Tue, 17 Jan 2023 22:27:36 GMT"
+ },
+ "body": {
+ "errors": [
+ {
+ "message": "Operation name must be a string, not 'number'."
+ }
+ ]
+ }
+ }
+ ```
+
+
+ 13. SHOULD use 200 status code with errors field on boolean {operationName} parameter when accepting application/json
+
+
+ Response status code is not 200
+
+ ```json
+ {
+ "status": 400,
+ "statusText": "Bad Request",
+ "headers": {
+ "connection": "close",
+ "content-length": "74",
+ "content-type": "application/json; charset=utf-8",
+ "date": "Tue, 17 Jan 2023 22:27:36 GMT"
+ },
+ "body": {
+ "errors": [
+ {
+ "message": "Operation name must be a string, not 'boolean'."
+ }
+ ]
+ }
+ }
+ ```
+
+
+ 14. SHOULD use 200 status code with errors field on array {operationName} parameter when accepting application/json
+
+
+ Response status code is not 200
+
+ ```json
+ {
+ "status": 400,
+ "statusText": "Bad Request",
+ "headers": {
+ "connection": "close",
+ "content-length": "73",
+ "content-type": "application/json; charset=utf-8",
+ "date": "Tue, 17 Jan 2023 22:27:36 GMT"
+ },
+ "body": {
+ "errors": [
+ {
+ "message": "Operation name must be a string, not 'object'."
+ }
+ ]
+ }
+ }
+ ```
+
+
+ 15. SHOULD use 400 status code on array {variables} parameter when accepting application/graphql-response+json
+
+
+ Response status code is not 400
+
+ ```json
+ {
+ "status": 200,
+ "statusText": "OK",
+ "headers": {
+ "connection": "close",
+ "content-length": "31",
+ "content-type": "application/json; charset=utf-8",
+ "date": "Tue, 17 Jan 2023 22:27:37 GMT"
+ },
+ "body": {
+ "data": {
+ "__typename": "Query"
+ }
+ }
+ }
+ ```
+
+
+ 16. SHOULD use 200 status code with errors field on string {variables} parameter when accepting application/json
+
+
+ Response status code is not 200
+
+ ```json
+ {
+ "status": 400,
+ "statusText": "Bad Request",
+ "headers": {
+ "connection": "close",
+ "content-length": "67",
+ "content-type": "application/json; charset=utf-8",
+ "date": "Tue, 17 Jan 2023 22:27:37 GMT"
+ },
+ "body": {
+ "errors": [
+ {
+ "message": "Unexpected token s in JSON at position 0"
+ }
+ ]
+ }
+ }
+ ```
+
+
+ 17. SHOULD use 200 status code with errors field on number {variables} parameter when accepting application/json
+
+
+ Response status code is not 200
+
+ ```json
+ {
+ "status": 400,
+ "statusText": "Bad Request",
+ "headers": {
+ "connection": "close",
+ "content-length": "69",
+ "content-type": "application/json; charset=utf-8",
+ "date": "Tue, 17 Jan 2023 22:27:37 GMT"
+ },
+ "body": {
+ "errors": [
+ {
+ "message": "Variables must be an object, not 'number'."
+ }
+ ]
+ }
+ }
+ ```
+
+
+ 18. SHOULD use 200 status code with errors field on boolean {variables} parameter when accepting application/json
+
+
+ Response status code is not 200
+
+ ```json
+ {
+ "status": 400,
+ "statusText": "Bad Request",
+ "headers": {
+ "connection": "close",
+ "content-length": "70",
+ "content-type": "application/json; charset=utf-8",
+ "date": "Tue, 17 Jan 2023 22:27:37 GMT"
+ },
+ "body": {
+ "errors": [
+ {
+ "message": "Variables must be an object, not 'boolean'."
+ }
+ ]
+ }
+ }
+ ```
+
+
+ 19. SHOULD use 200 status code with errors field on array {variables} parameter when accepting application/json
+
+
+ Response body execution result does not have a property "errors"
+
+ ```json
+ {
+ "status": 200,
+ "statusText": "OK",
+ "headers": {
+ "connection": "close",
+ "content-length": "31",
+ "content-type": "application/json; charset=utf-8",
+ "date": "Tue, 17 Jan 2023 22:27:37 GMT"
+ }
+ }
+ ```
+
+
+ 20. MAY allow URL-encoded JSON string {variables} parameter in GETs when accepting application/graphql-response+json
+
+
+ Response status code is not 200
+
+ ```json
+ {
+ "status": 405,
+ "statusText": "Method Not Allowed",
+ "headers": {
+ "allow": "POST, OPTIONS",
+ "connection": "close",
+ "content-length": "60",
+ "content-type": "application/json; charset=utf-8",
+ "date": "Tue, 17 Jan 2023 22:27:37 GMT"
+ },
+ "body": {
+ "errors": [
+ {
+ "message": "Only `POST` requests are allowed."
+ }
+ ]
+ }
+ }
+ ```
+
+
+ 21. MAY allow URL-encoded JSON string {variables} parameter in GETs when accepting application/json
+
+
+ Response status code is not 200
+
+ ```json
+ {
+ "status": 405,
+ "statusText": "Method Not Allowed",
+ "headers": {
+ "allow": "POST, OPTIONS",
+ "connection": "close",
+ "content-length": "60",
+ "content-type": "application/json; charset=utf-8",
+ "date": "Tue, 17 Jan 2023 22:27:37 GMT"
+ },
+ "body": {
+ "errors": [
+ {
+ "message": "Only `POST` requests are allowed."
+ }
+ ]
+ }
+ }
+ ```
+
+
+ 22. SHOULD use 400 status code on string {extensions} parameter when accepting application/graphql-response+json
+
+
+ Response status code is not 400
+
+ ```json
+ {
+ "status": 200,
+ "statusText": "OK",
+ "headers": {
+ "connection": "close",
+ "content-length": "31",
+ "content-type": "application/json; charset=utf-8",
+ "date": "Tue, 17 Jan 2023 22:27:37 GMT"
+ },
+ "body": {
+ "data": {
+ "__typename": "Query"
+ }
+ }
+ }
+ ```
+
+
+ 23. SHOULD use 400 status code on number {extensions} parameter when accepting application/graphql-response+json
+
+
+ Response status code is not 400
+
+ ```json
+ {
+ "status": 200,
+ "statusText": "OK",
+ "headers": {
+ "connection": "close",
+ "content-length": "31",
+ "content-type": "application/json; charset=utf-8",
+ "date": "Tue, 17 Jan 2023 22:27:37 GMT"
+ },
+ "body": {
+ "data": {
+ "__typename": "Query"
+ }
+ }
+ }
+ ```
+
+
+ 24. SHOULD use 400 status code on boolean {extensions} parameter when accepting application/graphql-response+json
+
+
+ Response status code is not 400
+
+ ```json
+ {
+ "status": 200,
+ "statusText": "OK",
+ "headers": {
+ "connection": "close",
+ "content-length": "31",
+ "content-type": "application/json; charset=utf-8",
+ "date": "Tue, 17 Jan 2023 22:27:37 GMT"
+ },
+ "body": {
+ "data": {
+ "__typename": "Query"
+ }
+ }
+ }
+ ```
+
+
+ 25. SHOULD use 400 status code on array {extensions} parameter when accepting application/graphql-response+json
+
+
+ Response status code is not 400
+
+ ```json
+ {
+ "status": 200,
+ "statusText": "OK",
+ "headers": {
+ "connection": "close",
+ "content-length": "31",
+ "content-type": "application/json; charset=utf-8",
+ "date": "Tue, 17 Jan 2023 22:27:37 GMT"
+ },
+ "body": {
+ "data": {
+ "__typename": "Query"
+ }
+ }
+ }
+ ```
+
+
+ 26. SHOULD use 200 status code with errors field on string {extensions} parameter when accepting application/json
+
+
+ Response body execution result does not have a property "errors"
+
+ ```json
+ {
+ "status": 200,
+ "statusText": "OK",
+ "headers": {
+ "connection": "close",
+ "content-length": "31",
+ "content-type": "application/json; charset=utf-8",
+ "date": "Tue, 17 Jan 2023 22:27:37 GMT"
+ }
+ }
+ ```
+
+
+ 27. SHOULD use 200 status code with errors field on number {extensions} parameter when accepting application/json
+
+
+ Response body execution result does not have a property "errors"
+
+ ```json
+ {
+ "status": 200,
+ "statusText": "OK",
+ "headers": {
+ "connection": "close",
+ "content-length": "31",
+ "content-type": "application/json; charset=utf-8",
+ "date": "Tue, 17 Jan 2023 22:27:37 GMT"
+ }
+ }
+ ```
+
+
+ 28. SHOULD use 200 status code with errors field on boolean {extensions} parameter when accepting application/json
+
+
+ Response body execution result does not have a property "errors"
+
+ ```json
+ {
+ "status": 200,
+ "statusText": "OK",
+ "headers": {
+ "connection": "close",
+ "content-length": "31",
+ "content-type": "application/json; charset=utf-8",
+ "date": "Tue, 17 Jan 2023 22:27:37 GMT"
+ }
+ }
+ ```
+
+
+ 29. SHOULD use 200 status code with errors field on array {extensions} parameter when accepting application/json
+
+
+ Response body execution result does not have a property "errors"
+
+ ```json
+ {
+ "status": 200,
+ "statusText": "OK",
+ "headers": {
+ "connection": "close",
+ "content-length": "31",
+ "content-type": "application/json; charset=utf-8",
+ "date": "Tue, 17 Jan 2023 22:27:37 GMT"
+ }
+ }
+ ```
+
+
+ 30. SHOULD use 200 status code on JSON parsing failure when accepting application/json
+
+
+ Response status code is not 200
+
+ ```json
+ {
+ "status": 400,
+ "statusText": "Bad Request",
+ "headers": {
+ "connection": "close",
+ "content-length": "55",
+ "content-type": "application/json; charset=utf-8",
+ "date": "Tue, 17 Jan 2023 22:27:37 GMT"
+ },
+ "body": {
+ "errors": [
+ {
+ "message": "Unexpected end of JSON input"
+ }
+ ]
+ }
+ }
+ ```
+
+
+ 31. SHOULD use 200 status code if parameters are invalid when accepting application/json
+
+
+ Response status code is not 200
+
+ ```json
+ {
+ "status": 400,
+ "statusText": "Bad Request",
+ "headers": {
+ "connection": "close",
+ "content-length": "55",
+ "content-type": "application/json; charset=utf-8",
+ "date": "Tue, 17 Jan 2023 22:27:37 GMT"
+ },
+ "body": {
+ "errors": [
+ {
+ "message": "Must provide a query string."
+ }
+ ]
+ }
+ }
+ ```
+
+
+ 32. SHOULD use 200 status code on document parsing failure when accepting application/json
+
+
+ Response status code is not 200
+
+ ```json
+ {
+ "status": 400,
+ "statusText": "Bad Request",
+ "headers": {
+ "connection": "close",
+ "content-length": "104",
+ "content-type": "application/json; charset=utf-8",
+ "date": "Tue, 17 Jan 2023 22:27:37 GMT"
+ },
+ "body": {
+ "errors": [
+ {
+ "message": "Syntax Error: Expected Name, found .",
+ "locations": [
+ {
+ "line": 1,
+ "column": 2
+ }
+ ]
+ }
+ ]
+ }
+ }
+ ```
+
+
+ 33. SHOULD use 200 status code on document validation failure when accepting application/json
+
+
+ Response status code is not 200
+
+ ```json
+ {
+ "status": 400,
+ "statusText": "Bad Request",
+ "headers": {
+ "connection": "close",
+ "content-length": "123",
+ "content-type": "application/json; charset=utf-8",
+ "date": "Tue, 17 Jan 2023 22:27:37 GMT"
+ },
+ "body": {
+ "errors": [
+ {
+ "message": "Syntax Error: Invalid number, expected digit but got: \"f\".",
+ "locations": [
+ {
+ "line": 1,
+ "column": 4
+ }
+ ]
+ }
+ ]
+ }
+ }
+ ```
+
+
diff --git a/implementations/thegraph/README.md b/implementations/thegraph/README.md
index 213b031d..09a08f52 100644
--- a/implementations/thegraph/README.md
+++ b/implementations/thegraph/README.md
@@ -18,294 +18,1950 @@ _* This report was auto-generated by graphql-http_
## Warnings
The server _SHOULD_ support these, but is not required.
-1. SHOULD accept application/graphql-response+json and match the content-type
-```
-Status code 404 is not 200
-```
-2. SHOULD accept \*/\* and use application/json for the content-type
-```
-Status code 404 is not 200
-```
-3. SHOULD assume application/json content-type when accept is missing
-```
-Content-Type header "text/html" does not contain "application/json"
-```
-4. MAY NOT allow executing mutations on GET requests
-```
-Status code 200 is not between 400 and 499
-```
-5. SHOULD use 400 status code on missing {query} parameter when accepting application/graphql-response+json
-```
-Status code 404 is not 400
-```
-6. SHOULD use 200 status code with errors field on missing {query} parameter when accepting application/json
-```
-Status code 404 is not 200
-```
-7. SHOULD use 400 status code on object {query} parameter when accepting application/graphql-response+json
-```
-Status code 404 is not 400
-```
-8. SHOULD use 400 status code on number {query} parameter when accepting application/graphql-response+json
-```
-Status code 404 is not 400
-```
-9. SHOULD use 400 status code on boolean {query} parameter when accepting application/graphql-response+json
-```
-Status code 404 is not 400
-```
-10. SHOULD use 400 status code on array {query} parameter when accepting application/graphql-response+json
-```
-Status code 404 is not 400
-```
-11. SHOULD use 200 status code with errors field on object {query} parameter when accepting application/json
-```
-Status code 404 is not 200
-```
-12. SHOULD use 200 status code with errors field on number {query} parameter when accepting application/json
-```
-Status code 404 is not 200
-```
-13. SHOULD use 200 status code with errors field on boolean {query} parameter when accepting application/json
-```
-Status code 404 is not 200
-```
-14. SHOULD use 200 status code with errors field on array {query} parameter when accepting application/json
-```
-Status code 404 is not 200
-```
-15. SHOULD allow string {query} parameter when accepting application/graphql-response+json
-```
-Status code 404 is not 200
-```
-16. SHOULD use 400 status code on object {operationName} parameter when accepting application/graphql-response+json
-```
-Status code 404 is not 400
-```
-17. SHOULD use 400 status code on number {operationName} parameter when accepting application/graphql-response+json
-```
-Status code 404 is not 400
-```
-18. SHOULD use 400 status code on boolean {operationName} parameter when accepting application/graphql-response+json
-```
-Status code 404 is not 400
-```
-19. SHOULD use 400 status code on array {operationName} parameter when accepting application/graphql-response+json
-```
-Status code 404 is not 400
-```
-20. SHOULD use 200 status code with errors field on object {operationName} parameter when accepting application/json
-```
-Status code 404 is not 200
-```
-21. SHOULD use 200 status code with errors field on number {operationName} parameter when accepting application/json
-```
-Status code 404 is not 200
-```
-22. SHOULD use 200 status code with errors field on boolean {operationName} parameter when accepting application/json
-```
-Status code 404 is not 200
-```
-23. SHOULD use 200 status code with errors field on array {operationName} parameter when accepting application/json
-```
-Status code 404 is not 200
-```
-24. SHOULD allow string {operationName} parameter when accepting application/graphql-response+json
-```
-Status code 404 is not 200
-```
-25. SHOULD allow null {variables} parameter when accepting application/graphql-response+json
-```
-Status code 404 is not 200
-```
-26. SHOULD allow null {operationName} parameter when accepting application/graphql-response+json
-```
-Status code 404 is not 200
-```
-27. SHOULD allow null {extensions} parameter when accepting application/graphql-response+json
-```
-Status code 404 is not 200
-```
-28. SHOULD use 400 status code on string {variables} parameter when accepting application/graphql-response+json
-```
-Status code 404 is not 400
-```
-29. SHOULD use 400 status code on number {variables} parameter when accepting application/graphql-response+json
-```
-Status code 404 is not 400
-```
-30. SHOULD use 400 status code on boolean {variables} parameter when accepting application/graphql-response+json
-```
-Status code 404 is not 400
-```
-31. SHOULD use 400 status code on array {variables} parameter when accepting application/graphql-response+json
-```
-Status code 404 is not 400
-```
-32. SHOULD use 200 status code with errors field on string {variables} parameter when accepting application/json
-```
-Status code 404 is not 200
-```
-33. SHOULD use 200 status code with errors field on number {variables} parameter when accepting application/json
-```
-Status code 404 is not 200
-```
-34. SHOULD use 200 status code with errors field on boolean {variables} parameter when accepting application/json
-```
-Status code 404 is not 200
-```
-35. SHOULD use 200 status code with errors field on array {variables} parameter when accepting application/json
-```
-Status code 404 is not 200
-```
-36. SHOULD allow map {variables} parameter when accepting application/graphql-response+json
-```
-Status code 404 is not 200
-```
-37. MAY allow URL-encoded JSON string {variables} parameter in GETs when accepting application/json
-```
-Response body is not valid JSON. Got "\n\n\n\nThe GraphiQL\n\n\n\n\n\n\n\n\n\n\n\n\n\n"
+ }
+ ```
+
+
+ 4. MAY NOT allow executing mutations on GET requests
+
+
+ Response status is not between 400 and 499
+
+ ```json
+ {
+ "status": 200,
+ "statusText": "OK",
+ "headers": {
+ "access-control-allow-origin": "*",
+ "cf-cache-status": "DYNAMIC",
+ "cf-ray": "78b283efcb725884-IAD",
+ "connection": "close",
+ "content-encoding": "br",
+ "content-type": "text/html",
+ "date": "Tue, 17 Jan 2023 22:26:56 GMT",
+ "server": "cloudflare",
+ "server-timing": "cf-q-config;dur=4.9999980547e-06",
+ "strict-transport-security": "max-age=15724800; includeSubDomains",
+ "transfer-encoding": "chunked",
+ "vary": "Accept-Encoding"
+ },
+ "body": "\n\n\n\nThe GraphiQL\n\n\n\n\n\n\n\n\n\n\n\n\n\n"
+ }
+ ```
+
+
+ 5. SHOULD use 400 status code on missing {query} parameter when accepting application/graphql-response+json
+
+
+ Response status code is not 400
+
+ ```json
+ {
+ "status": 404,
+ "statusText": "Not Found",
+ "headers": {
+ "access-control-allow-origin": "*",
+ "cf-cache-status": "DYNAMIC",
+ "cf-ray": "78b283eefe0381cf-IAD",
+ "connection": "close",
+ "content-length": "9",
+ "content-type": "text/plain",
+ "date": "Tue, 17 Jan 2023 22:26:56 GMT",
+ "server": "cloudflare",
+ "server-timing": "cf-q-config;dur=9.9999997473788e-06",
+ "strict-transport-security": "max-age=15724800; includeSubDomains",
+ "vary": "Accept-Encoding"
+ },
+ "body": "Not found"
+ }
+ ```
+
+
+ 6. SHOULD use 200 status code with errors field on missing {query} parameter when accepting application/json
+
+
+ Response status code is not 200
+
+ ```json
+ {
+ "status": 404,
+ "statusText": "Not Found",
+ "headers": {
+ "access-control-allow-origin": "*",
+ "cf-cache-status": "DYNAMIC",
+ "cf-ray": "78b283ef1bca81e2-IAD",
+ "connection": "close",
+ "content-length": "9",
+ "content-type": "text/plain",
+ "date": "Tue, 17 Jan 2023 22:26:56 GMT",
+ "server": "cloudflare",
+ "server-timing": "cf-q-config;dur=7.0000023697503e-06",
+ "strict-transport-security": "max-age=15724800; includeSubDomains",
+ "vary": "Accept-Encoding"
+ },
+ "body": "Not found"
+ }
+ ```
+
+
+ 7. SHOULD use 400 status code on object {query} parameter when accepting application/graphql-response+json
+
+
+ Response status code is not 400
+
+ ```json
+ {
+ "status": 404,
+ "statusText": "Not Found",
+ "headers": {
+ "access-control-allow-origin": "*",
+ "cf-cache-status": "DYNAMIC",
+ "cf-ray": "78b283ef1fdf5734-IAD",
+ "connection": "close",
+ "content-length": "9",
+ "content-type": "text/plain",
+ "date": "Tue, 17 Jan 2023 22:26:56 GMT",
+ "server": "cloudflare",
+ "server-timing": "cf-q-config;dur=7.9999990703072e-06",
+ "strict-transport-security": "max-age=15724800; includeSubDomains",
+ "vary": "Accept-Encoding"
+ },
+ "body": "Not found"
+ }
+ ```
+
+
+ 8. SHOULD use 400 status code on number {query} parameter when accepting application/graphql-response+json
+
+
+ Response status code is not 400
+
+ ```json
+ {
+ "status": 404,
+ "statusText": "Not Found",
+ "headers": {
+ "access-control-allow-origin": "*",
+ "cf-cache-status": "DYNAMIC",
+ "cf-ray": "78b283ef3e815b0b-IAD",
+ "connection": "close",
+ "content-length": "9",
+ "content-type": "text/plain",
+ "date": "Tue, 17 Jan 2023 22:26:56 GMT",
+ "server": "cloudflare",
+ "server-timing": "cf-q-config;dur=5.9999983932357e-06",
+ "strict-transport-security": "max-age=15724800; includeSubDomains",
+ "vary": "Accept-Encoding"
+ },
+ "body": "Not found"
+ }
+ ```
+
+
+ 9. SHOULD use 400 status code on boolean {query} parameter when accepting application/graphql-response+json
+
+
+ Response status code is not 400
+
+ ```json
+ {
+ "status": 404,
+ "statusText": "Not Found",
+ "headers": {
+ "access-control-allow-origin": "*",
+ "cf-cache-status": "DYNAMIC",
+ "cf-ray": "78b283ef4a619c3d-IAD",
+ "connection": "close",
+ "content-length": "9",
+ "content-type": "text/plain",
+ "date": "Tue, 17 Jan 2023 22:26:56 GMT",
+ "server": "cloudflare",
+ "server-timing": "cf-q-config;dur=6.0000020312145e-06",
+ "strict-transport-security": "max-age=15724800; includeSubDomains",
+ "vary": "Accept-Encoding"
+ },
+ "body": "Not found"
+ }
+ ```
+
+
+ 10. SHOULD use 400 status code on array {query} parameter when accepting application/graphql-response+json
+
+
+ Response status code is not 400
+
+ ```json
+ {
+ "status": 404,
+ "statusText": "Not Found",
+ "headers": {
+ "access-control-allow-origin": "*",
+ "cf-cache-status": "DYNAMIC",
+ "cf-ray": "78b283ef4ca26fbc-IAD",
+ "connection": "close",
+ "content-length": "9",
+ "content-type": "text/plain",
+ "date": "Tue, 17 Jan 2023 22:26:56 GMT",
+ "server": "cloudflare",
+ "server-timing": "cf-q-config;dur=7.0000023697503e-06",
+ "strict-transport-security": "max-age=15724800; includeSubDomains",
+ "vary": "Accept-Encoding"
+ },
+ "body": "Not found"
+ }
+ ```
+
+
+ 11. SHOULD use 200 status code with errors field on object {query} parameter when accepting application/json
+
+
+ Response status code is not 200
+
+ ```json
+ {
+ "status": 404,
+ "statusText": "Not Found",
+ "headers": {
+ "access-control-allow-origin": "*",
+ "cf-cache-status": "DYNAMIC",
+ "cf-ray": "78b283ef3e3c5992-IAD",
+ "connection": "close",
+ "content-length": "9",
+ "content-type": "text/plain",
+ "date": "Tue, 17 Jan 2023 22:26:56 GMT",
+ "server": "cloudflare",
+ "server-timing": "cf-q-config;dur=6.0000002122251e-06",
+ "strict-transport-security": "max-age=15724800; includeSubDomains",
+ "vary": "Accept-Encoding"
+ },
+ "body": "Not found"
+ }
+ ```
+
+
+ 12. SHOULD use 200 status code with errors field on number {query} parameter when accepting application/json
+
+
+ Response status code is not 200
+
+ ```json
+ {
+ "status": 404,
+ "statusText": "Not Found",
+ "headers": {
+ "access-control-allow-origin": "*",
+ "cf-cache-status": "DYNAMIC",
+ "cf-ray": "78b283f059087f9a-IAD",
+ "connection": "close",
+ "content-length": "9",
+ "content-type": "text/plain",
+ "date": "Tue, 17 Jan 2023 22:26:56 GMT",
+ "server": "cloudflare",
+ "server-timing": "cf-q-config;dur=5.9999983932357e-06",
+ "strict-transport-security": "max-age=15724800; includeSubDomains",
+ "vary": "Accept-Encoding"
+ },
+ "body": "Not found"
+ }
+ ```
+
+
+ 13. SHOULD use 200 status code with errors field on boolean {query} parameter when accepting application/json
+
+
+ Response status code is not 200
+
+ ```json
+ {
+ "status": 404,
+ "statusText": "Not Found",
+ "headers": {
+ "access-control-allow-origin": "*",
+ "cf-cache-status": "DYNAMIC",
+ "cf-ray": "78b283ef3af981fd-IAD",
+ "connection": "close",
+ "content-length": "9",
+ "content-type": "text/plain",
+ "date": "Tue, 17 Jan 2023 22:26:56 GMT",
+ "server": "cloudflare",
+ "server-timing": "cf-q-config;dur=7.9999990703072e-06",
+ "strict-transport-security": "max-age=15724800; includeSubDomains",
+ "vary": "Accept-Encoding"
+ },
+ "body": "Not found"
+ }
+ ```
+
+
+ 14. SHOULD use 200 status code with errors field on array {query} parameter when accepting application/json
+
+
+ Response status code is not 200
+
+ ```json
+ {
+ "status": 404,
+ "statusText": "Not Found",
+ "headers": {
+ "access-control-allow-origin": "*",
+ "cf-cache-status": "DYNAMIC",
+ "cf-ray": "78b283f0389a2d1f-IAD",
+ "connection": "close",
+ "content-length": "9",
+ "content-type": "text/plain",
+ "date": "Tue, 17 Jan 2023 22:26:56 GMT",
+ "server": "cloudflare",
+ "server-timing": "cf-q-config;dur=8.999999408843e-06",
+ "strict-transport-security": "max-age=15724800; includeSubDomains",
+ "vary": "Accept-Encoding"
+ },
+ "body": "Not found"
+ }
+ ```
+
+
+ 15. SHOULD allow string {query} parameter when accepting application/graphql-response+json
+
+
+ Response status code is not 200
+
+ ```json
+ {
+ "status": 404,
+ "statusText": "Not Found",
+ "headers": {
+ "access-control-allow-origin": "*",
+ "cf-cache-status": "DYNAMIC",
+ "cf-ray": "78b283ef2db5206c-IAD",
+ "connection": "close",
+ "content-length": "9",
+ "content-type": "text/plain",
+ "date": "Tue, 17 Jan 2023 22:26:56 GMT",
+ "server": "cloudflare",
+ "server-timing": "cf-q-config;dur=6.9999987317715e-06",
+ "strict-transport-security": "max-age=15724800; includeSubDomains",
+ "vary": "Accept-Encoding"
+ },
+ "body": "Not found"
+ }
+ ```
+
+
+ 16. SHOULD use 400 status code on object {operationName} parameter when accepting application/graphql-response+json
+
+
+ Response status code is not 400
+
+ ```json
+ {
+ "status": 404,
+ "statusText": "Not Found",
+ "headers": {
+ "access-control-allow-origin": "*",
+ "cf-cache-status": "DYNAMIC",
+ "cf-ray": "78b283ef089b8024-IAD",
+ "connection": "close",
+ "content-length": "9",
+ "content-type": "text/plain",
+ "date": "Tue, 17 Jan 2023 22:26:56 GMT",
+ "server": "cloudflare",
+ "server-timing": "cf-q-config;dur=9.9999997473788e-06",
+ "strict-transport-security": "max-age=15724800; includeSubDomains",
+ "vary": "Accept-Encoding"
+ },
+ "body": "Not found"
+ }
+ ```
+
+
+ 17. SHOULD use 400 status code on number {operationName} parameter when accepting application/graphql-response+json
+
+
+ Response status code is not 400
+
+ ```json
+ {
+ "status": 404,
+ "statusText": "Not Found",
+ "headers": {
+ "access-control-allow-origin": "*",
+ "cf-cache-status": "DYNAMIC",
+ "cf-ray": "78b283ef1df905d8-IAD",
+ "connection": "close",
+ "content-length": "9",
+ "content-type": "text/plain",
+ "date": "Tue, 17 Jan 2023 22:26:56 GMT",
+ "server": "cloudflare",
+ "server-timing": "cf-q-config;dur=7.9999990703072e-06",
+ "strict-transport-security": "max-age=15724800; includeSubDomains",
+ "vary": "Accept-Encoding"
+ },
+ "body": "Not found"
+ }
+ ```
+
+
+ 18. SHOULD use 400 status code on boolean {operationName} parameter when accepting application/graphql-response+json
+
+
+ Response status code is not 400
+
+ ```json
+ {
+ "status": 404,
+ "statusText": "Not Found",
+ "headers": {
+ "access-control-allow-origin": "*",
+ "cf-cache-status": "DYNAMIC",
+ "cf-ray": "78b283ef29b4700f-IAD",
+ "connection": "close",
+ "content-length": "9",
+ "content-type": "text/plain",
+ "date": "Tue, 17 Jan 2023 22:26:56 GMT",
+ "server": "cloudflare",
+ "server-timing": "cf-q-config;dur=4.9999980547e-06",
+ "strict-transport-security": "max-age=15724800; includeSubDomains",
+ "vary": "Accept-Encoding"
+ },
+ "body": "Not found"
+ }
+ ```
+
+
+ 19. SHOULD use 400 status code on array {operationName} parameter when accepting application/graphql-response+json
+
+
+ Response status code is not 400
+
+ ```json
+ {
+ "status": 404,
+ "statusText": "Not Found",
+ "headers": {
+ "access-control-allow-origin": "*",
+ "cf-cache-status": "DYNAMIC",
+ "cf-ray": "78b283ef2e4a590e-IAD",
+ "connection": "close",
+ "content-length": "9",
+ "content-type": "text/plain",
+ "date": "Tue, 17 Jan 2023 22:26:56 GMT",
+ "server": "cloudflare",
+ "server-timing": "cf-q-config;dur=6.0000020312145e-06",
+ "strict-transport-security": "max-age=15724800; includeSubDomains",
+ "vary": "Accept-Encoding"
+ },
+ "body": "Not found"
+ }
+ ```
+
+
+ 20. SHOULD use 200 status code with errors field on object {operationName} parameter when accepting application/json
+
+
+ Response status code is not 200
+
+ ```json
+ {
+ "status": 404,
+ "statusText": "Not Found",
+ "headers": {
+ "access-control-allow-origin": "*",
+ "cf-cache-status": "DYNAMIC",
+ "cf-ray": "78b283ef19582004-IAD",
+ "connection": "close",
+ "content-length": "9",
+ "content-type": "text/plain",
+ "date": "Tue, 17 Jan 2023 22:26:56 GMT",
+ "server": "cloudflare",
+ "server-timing": "cf-q-config;dur=7.9999990703072e-06",
+ "strict-transport-security": "max-age=15724800; includeSubDomains",
+ "vary": "Accept-Encoding"
+ },
+ "body": "Not found"
+ }
+ ```
+
+
+ 21. SHOULD use 200 status code with errors field on number {operationName} parameter when accepting application/json
+
+
+ Response status code is not 200
+
+ ```json
+ {
+ "status": 404,
+ "statusText": "Not Found",
+ "headers": {
+ "access-control-allow-origin": "*",
+ "cf-cache-status": "DYNAMIC",
+ "cf-ray": "78b283eefb2259a4-IAD",
+ "connection": "close",
+ "content-length": "9",
+ "content-type": "text/plain",
+ "date": "Tue, 17 Jan 2023 22:26:56 GMT",
+ "server": "cloudflare",
+ "server-timing": "cf-q-config;dur=7.9999990703072e-06",
+ "strict-transport-security": "max-age=15724800; includeSubDomains",
+ "vary": "Accept-Encoding"
+ },
+ "body": "Not found"
+ }
+ ```
+
+
+ 22. SHOULD use 200 status code with errors field on boolean {operationName} parameter when accepting application/json
+
+
+ Response status code is not 200
+
+ ```json
+ {
+ "status": 404,
+ "statusText": "Not Found",
+ "headers": {
+ "access-control-allow-origin": "*",
+ "cf-cache-status": "DYNAMIC",
+ "cf-ray": "78b283f03e958f20-IAD",
+ "connection": "close",
+ "content-length": "9",
+ "content-type": "text/plain",
+ "date": "Tue, 17 Jan 2023 22:26:56 GMT",
+ "server": "cloudflare",
+ "server-timing": "cf-q-config;dur=5.9999983932357e-06",
+ "strict-transport-security": "max-age=15724800; includeSubDomains",
+ "vary": "Accept-Encoding"
+ },
+ "body": "Not found"
+ }
+ ```
+
+
+ 23. SHOULD use 200 status code with errors field on array {operationName} parameter when accepting application/json
+
+
+ Response status code is not 200
+
+ ```json
+ {
+ "status": 404,
+ "statusText": "Not Found",
+ "headers": {
+ "access-control-allow-origin": "*",
+ "cf-cache-status": "DYNAMIC",
+ "cf-ray": "78b283ef9d437fdc-IAD",
+ "connection": "close",
+ "content-length": "9",
+ "content-type": "text/plain",
+ "date": "Tue, 17 Jan 2023 22:26:56 GMT",
+ "server": "cloudflare",
+ "server-timing": "cf-q-config;dur=6.0000020312145e-06",
+ "strict-transport-security": "max-age=15724800; includeSubDomains",
+ "vary": "Accept-Encoding"
+ },
+ "body": "Not found"
+ }
+ ```
+
+
+ 24. SHOULD allow string {operationName} parameter when accepting application/graphql-response+json
+
+
+ Response status code is not 200
+
+ ```json
+ {
+ "status": 404,
+ "statusText": "Not Found",
+ "headers": {
+ "access-control-allow-origin": "*",
+ "cf-cache-status": "DYNAMIC",
+ "cf-ray": "78b283ef3a038227-IAD",
+ "connection": "close",
+ "content-length": "9",
+ "content-type": "text/plain",
+ "date": "Tue, 17 Jan 2023 22:26:56 GMT",
+ "server": "cloudflare",
+ "server-timing": "cf-q-config;dur=6.9999987317715e-06",
+ "strict-transport-security": "max-age=15724800; includeSubDomains",
+ "vary": "Accept-Encoding"
+ },
+ "body": "Not found"
+ }
+ ```
+
+
+ 25. SHOULD allow null {variables} parameter when accepting application/graphql-response+json
+
+
+ Response status code is not 200
+
+ ```json
+ {
+ "status": 404,
+ "statusText": "Not Found",
+ "headers": {
+ "access-control-allow-origin": "*",
+ "cf-cache-status": "DYNAMIC",
+ "cf-ray": "78b283ef882e9c19-IAD",
+ "connection": "close",
+ "content-length": "9",
+ "content-type": "text/plain",
+ "date": "Tue, 17 Jan 2023 22:26:56 GMT",
+ "server": "cloudflare",
+ "server-timing": "cf-q-config;dur=7.9999990703072e-06",
+ "strict-transport-security": "max-age=15724800; includeSubDomains",
+ "vary": "Accept-Encoding"
+ },
+ "body": "Not found"
+ }
+ ```
+
+
+ 26. SHOULD allow null {operationName} parameter when accepting application/graphql-response+json
+
+
+ Response status code is not 200
+
+ ```json
+ {
+ "status": 404,
+ "statusText": "Not Found",
+ "headers": {
+ "access-control-allow-origin": "*",
+ "cf-cache-status": "DYNAMIC",
+ "cf-ray": "78b283efbcfa5860-IAD",
+ "connection": "close",
+ "content-length": "9",
+ "content-type": "text/plain",
+ "date": "Tue, 17 Jan 2023 22:26:56 GMT",
+ "server": "cloudflare",
+ "server-timing": "cf-q-config;dur=7.0000023697503e-06",
+ "strict-transport-security": "max-age=15724800; includeSubDomains",
+ "vary": "Accept-Encoding"
+ },
+ "body": "Not found"
+ }
+ ```
+
+
+ 27. SHOULD allow null {extensions} parameter when accepting application/graphql-response+json
+
+
+ Response status code is not 200
+
+ ```json
+ {
+ "status": 404,
+ "statusText": "Not Found",
+ "headers": {
+ "access-control-allow-origin": "*",
+ "cf-cache-status": "DYNAMIC",
+ "cf-ray": "78b283ef8f657fa6-IAD",
+ "connection": "close",
+ "content-length": "9",
+ "content-type": "text/plain",
+ "date": "Tue, 17 Jan 2023 22:26:56 GMT",
+ "server": "cloudflare",
+ "server-timing": "cf-q-config;dur=7.0000023697503e-06",
+ "strict-transport-security": "max-age=15724800; includeSubDomains",
+ "vary": "Accept-Encoding"
+ },
+ "body": "Not found"
+ }
+ ```
+
+
+ 28. SHOULD use 400 status code on string {variables} parameter when accepting application/graphql-response+json
+
+
+ Response status code is not 400
+
+ ```json
+ {
+ "status": 404,
+ "statusText": "Not Found",
+ "headers": {
+ "access-control-allow-origin": "*",
+ "cf-cache-status": "DYNAMIC",
+ "cf-ray": "78b283ef883c82f8-IAD",
+ "connection": "close",
+ "content-length": "9",
+ "content-type": "text/plain",
+ "date": "Tue, 17 Jan 2023 22:26:56 GMT",
+ "server": "cloudflare",
+ "server-timing": "cf-q-config;dur=9.9999997473788e-06",
+ "strict-transport-security": "max-age=15724800; includeSubDomains",
+ "vary": "Accept-Encoding"
+ },
+ "body": "Not found"
+ }
+ ```
+
+
+ 29. SHOULD use 400 status code on number {variables} parameter when accepting application/graphql-response+json
+
+
+ Response status code is not 400
+
+ ```json
+ {
+ "status": 404,
+ "statusText": "Not Found",
+ "headers": {
+ "access-control-allow-origin": "*",
+ "cf-cache-status": "DYNAMIC",
+ "cf-ray": "78b283f049ee5b6a-IAD",
+ "connection": "close",
+ "content-length": "9",
+ "content-type": "text/plain",
+ "date": "Tue, 17 Jan 2023 22:26:56 GMT",
+ "server": "cloudflare",
+ "server-timing": "cf-q-config;dur=5.9999983932357e-06",
+ "strict-transport-security": "max-age=15724800; includeSubDomains",
+ "vary": "Accept-Encoding"
+ },
+ "body": "Not found"
+ }
+ ```
+
+
+ 30. SHOULD use 400 status code on boolean {variables} parameter when accepting application/graphql-response+json
+
+
+ Response status code is not 400
+
+ ```json
+ {
+ "status": 404,
+ "statusText": "Not Found",
+ "headers": {
+ "access-control-allow-origin": "*",
+ "cf-cache-status": "DYNAMIC",
+ "cf-ray": "78b283f058c60648-IAD",
+ "connection": "close",
+ "content-length": "9",
+ "content-type": "text/plain",
+ "date": "Tue, 17 Jan 2023 22:26:56 GMT",
+ "server": "cloudflare",
+ "server-timing": "cf-q-config;dur=8.000002708286e-06",
+ "strict-transport-security": "max-age=15724800; includeSubDomains",
+ "vary": "Accept-Encoding"
+ },
+ "body": "Not found"
+ }
+ ```
+
+
+ 31. SHOULD use 400 status code on array {variables} parameter when accepting application/graphql-response+json
+
+
+ Response status code is not 400
+
+ ```json
+ {
+ "status": 404,
+ "statusText": "Not Found",
+ "headers": {
+ "access-control-allow-origin": "*",
+ "cf-cache-status": "DYNAMIC",
+ "cf-ray": "78b283ef9acb82b1-IAD",
+ "connection": "close",
+ "content-length": "9",
+ "content-type": "text/plain",
+ "date": "Tue, 17 Jan 2023 22:26:56 GMT",
+ "server": "cloudflare",
+ "server-timing": "cf-q-config;dur=7.0000023697503e-06",
+ "strict-transport-security": "max-age=15724800; includeSubDomains",
+ "vary": "Accept-Encoding"
+ },
+ "body": "Not found"
+ }
+ ```
+
+
+ 32. SHOULD use 200 status code with errors field on string {variables} parameter when accepting application/json
+
+
+ Response status code is not 200
+
+ ```json
+ {
+ "status": 404,
+ "statusText": "Not Found",
+ "headers": {
+ "access-control-allow-origin": "*",
+ "cf-cache-status": "DYNAMIC",
+ "cf-ray": "78b283ef6e806fd9-IAD",
+ "connection": "close",
+ "content-length": "9",
+ "content-type": "text/plain",
+ "date": "Tue, 17 Jan 2023 22:26:56 GMT",
+ "server": "cloudflare",
+ "server-timing": "cf-q-config;dur=5.0000016926788e-06",
+ "strict-transport-security": "max-age=15724800; includeSubDomains",
+ "vary": "Accept-Encoding"
+ },
+ "body": "Not found"
+ }
+ ```
+
+
+ 33. SHOULD use 200 status code with errors field on number {variables} parameter when accepting application/json
+
+
+ Response status code is not 200
+
+ ```json
+ {
+ "status": 404,
+ "statusText": "Not Found",
+ "headers": {
+ "access-control-allow-origin": "*",
+ "cf-cache-status": "DYNAMIC",
+ "cf-ray": "78b283ef8ade1781-IAD",
+ "connection": "close",
+ "content-length": "9",
+ "content-type": "text/plain",
+ "date": "Tue, 17 Jan 2023 22:26:56 GMT",
+ "server": "cloudflare",
+ "server-timing": "cf-q-config;dur=6.9999987317715e-06",
+ "strict-transport-security": "max-age=15724800; includeSubDomains",
+ "vary": "Accept-Encoding"
+ },
+ "body": "Not found"
+ }
+ ```
+
+
+ 34. SHOULD use 200 status code with errors field on boolean {variables} parameter when accepting application/json
+
+
+ Response status code is not 200
+
+ ```json
+ {
+ "status": 404,
+ "statusText": "Not Found",
+ "headers": {
+ "access-control-allow-origin": "*",
+ "cf-cache-status": "DYNAMIC",
+ "cf-ray": "78b283efadc357b2-IAD",
+ "connection": "close",
+ "content-length": "9",
+ "content-type": "text/plain",
+ "date": "Tue, 17 Jan 2023 22:26:56 GMT",
+ "server": "cloudflare",
+ "server-timing": "cf-q-config;dur=7.0000023697503e-06",
+ "strict-transport-security": "max-age=15724800; includeSubDomains",
+ "vary": "Accept-Encoding"
+ },
+ "body": "Not found"
+ }
+ ```
+
+
+ 35. SHOULD use 200 status code with errors field on array {variables} parameter when accepting application/json
+
+
+ Response status code is not 200
+
+ ```json
+ {
+ "status": 404,
+ "statusText": "Not Found",
+ "headers": {
+ "access-control-allow-origin": "*",
+ "cf-cache-status": "DYNAMIC",
+ "cf-ray": "78b283ef5d7113bc-IAD",
+ "connection": "close",
+ "content-length": "9",
+ "content-type": "text/plain",
+ "date": "Tue, 17 Jan 2023 22:26:56 GMT",
+ "server": "cloudflare",
+ "server-timing": "cf-q-config;dur=6.9999987317715e-06",
+ "strict-transport-security": "max-age=15724800; includeSubDomains",
+ "vary": "Accept-Encoding"
+ },
+ "body": "Not found"
+ }
+ ```
+
+
+ 36. SHOULD allow map {variables} parameter when accepting application/graphql-response+json
+
+
+ Response status code is not 200
+
+ ```json
+ {
+ "status": 404,
+ "statusText": "Not Found",
+ "headers": {
+ "access-control-allow-origin": "*",
+ "cf-cache-status": "DYNAMIC",
+ "cf-ray": "78b283ef7f398199-IAD",
+ "connection": "close",
+ "content-length": "9",
+ "content-type": "text/plain",
+ "date": "Tue, 17 Jan 2023 22:26:56 GMT",
+ "server": "cloudflare",
+ "server-timing": "cf-q-config;dur=6.0000020312145e-06",
+ "strict-transport-security": "max-age=15724800; includeSubDomains",
+ "vary": "Accept-Encoding"
+ },
+ "body": "Not found"
+ }
+ ```
+
+
+ 37. MAY allow URL-encoded JSON string {variables} parameter in GETs when accepting application/json
+
+
+ Response body is not valid JSON
+
+ ```json
+ {
+ "status": 200,
+ "statusText": "OK",
+ "headers": {
+ "access-control-allow-origin": "*",
+ "cf-cache-status": "DYNAMIC",
+ "cf-ray": "78b283f038ac5758-IAD",
+ "connection": "close",
+ "content-encoding": "br",
+ "content-type": "text/html",
+ "date": "Tue, 17 Jan 2023 22:26:56 GMT",
+ "server": "cloudflare",
+ "server-timing": "cf-q-config;dur=7.9999990703072e-06",
+ "strict-transport-security": "max-age=15724800; includeSubDomains",
+ "transfer-encoding": "chunked",
+ "vary": "Accept-Encoding"
+ }
+ }
+ ```
+
+
+ 38. SHOULD use 400 status code on string {extensions} parameter when accepting application/graphql-response+json
+
+
+ Response status code is not 400
+
+ ```json
+ {
+ "status": 404,
+ "statusText": "Not Found",
+ "headers": {
+ "access-control-allow-origin": "*",
+ "cf-cache-status": "DYNAMIC",
+ "cf-ray": "78b283ef9f0f2d0c-IAD",
+ "connection": "close",
+ "content-length": "9",
+ "content-type": "text/plain",
+ "date": "Tue, 17 Jan 2023 22:26:56 GMT",
+ "server": "cloudflare",
+ "server-timing": "cf-q-config;dur=7.0000023697503e-06",
+ "strict-transport-security": "max-age=15724800; includeSubDomains",
+ "vary": "Accept-Encoding"
+ },
+ "body": "Not found"
+ }
+ ```
+
+
+ 39. SHOULD use 400 status code on number {extensions} parameter when accepting application/graphql-response+json
+
+
+ Response status code is not 400
+
+ ```json
+ {
+ "status": 404,
+ "statusText": "Not Found",
+ "headers": {
+ "access-control-allow-origin": "*",
+ "cf-cache-status": "DYNAMIC",
+ "cf-ray": "78b283f03d772426-IAD",
+ "connection": "close",
+ "content-length": "9",
+ "content-type": "text/plain",
+ "date": "Tue, 17 Jan 2023 22:26:56 GMT",
+ "server": "cloudflare",
+ "server-timing": "cf-q-config;dur=6.9999987317715e-06",
+ "strict-transport-security": "max-age=15724800; includeSubDomains",
+ "vary": "Accept-Encoding"
+ },
+ "body": "Not found"
+ }
+ ```
+
+
+ 40. SHOULD use 400 status code on boolean {extensions} parameter when accepting application/graphql-response+json
+
+
+ Response status code is not 400
+
+ ```json
+ {
+ "status": 404,
+ "statusText": "Not Found",
+ "headers": {
+ "access-control-allow-origin": "*",
+ "cf-cache-status": "DYNAMIC",
+ "cf-ray": "78b283efae4181dc-IAD",
+ "connection": "close",
+ "content-length": "9",
+ "content-type": "text/plain",
+ "date": "Tue, 17 Jan 2023 22:26:56 GMT",
+ "server": "cloudflare",
+ "server-timing": "cf-q-config;dur=8.000002708286e-06",
+ "strict-transport-security": "max-age=15724800; includeSubDomains",
+ "vary": "Accept-Encoding"
+ },
+ "body": "Not found"
+ }
+ ```
+
+
+ 41. SHOULD use 400 status code on array {extensions} parameter when accepting application/graphql-response+json
+
+
+ Response status code is not 400
+
+ ```json
+ {
+ "status": 404,
+ "statusText": "Not Found",
+ "headers": {
+ "access-control-allow-origin": "*",
+ "cf-cache-status": "DYNAMIC",
+ "cf-ray": "78b283ef4f2006bf-IAD",
+ "connection": "close",
+ "content-length": "9",
+ "content-type": "text/plain",
+ "date": "Tue, 17 Jan 2023 22:26:56 GMT",
+ "server": "cloudflare",
+ "server-timing": "cf-q-config;dur=7.0000023697503e-06",
+ "strict-transport-security": "max-age=15724800; includeSubDomains",
+ "vary": "Accept-Encoding"
+ },
+ "body": "Not found"
+ }
+ ```
+
+
+ 42. SHOULD use 200 status code with errors field on string {extensions} parameter when accepting application/json
+
+
+ Response status code is not 200
+
+ ```json
+ {
+ "status": 404,
+ "statusText": "Not Found",
+ "headers": {
+ "access-control-allow-origin": "*",
+ "cf-cache-status": "DYNAMIC",
+ "cf-ray": "78b283ef5f632d1f-IAD",
+ "connection": "close",
+ "content-length": "9",
+ "content-type": "text/plain",
+ "date": "Tue, 17 Jan 2023 22:26:56 GMT",
+ "server": "cloudflare",
+ "server-timing": "cf-q-config;dur=9.9999997473788e-06",
+ "strict-transport-security": "max-age=15724800; includeSubDomains",
+ "vary": "Accept-Encoding"
+ },
+ "body": "Not found"
+ }
+ ```
+
+
+ 43. SHOULD use 200 status code with errors field on number {extensions} parameter when accepting application/json
+
+
+ Response status code is not 200
+
+ ```json
+ {
+ "status": 404,
+ "statusText": "Not Found",
+ "headers": {
+ "access-control-allow-origin": "*",
+ "cf-cache-status": "DYNAMIC",
+ "cf-ray": "78b283ef5b47174c-IAD",
+ "connection": "close",
+ "content-length": "9",
+ "content-type": "text/plain",
+ "date": "Tue, 17 Jan 2023 22:26:56 GMT",
+ "server": "cloudflare",
+ "server-timing": "cf-q-config;dur=7.9999990703072e-06",
+ "strict-transport-security": "max-age=15724800; includeSubDomains",
+ "vary": "Accept-Encoding"
+ },
+ "body": "Not found"
+ }
+ ```
+
+
+ 44. SHOULD use 200 status code with errors field on boolean {extensions} parameter when accepting application/json
+
+
+ Response status code is not 200
+
+ ```json
+ {
+ "status": 404,
+ "statusText": "Not Found",
+ "headers": {
+ "access-control-allow-origin": "*",
+ "cf-cache-status": "DYNAMIC",
+ "cf-ray": "78b283ef7f1882ec-IAD",
+ "connection": "close",
+ "content-length": "9",
+ "content-type": "text/plain",
+ "date": "Tue, 17 Jan 2023 22:26:56 GMT",
+ "server": "cloudflare",
+ "server-timing": "cf-q-config;dur=6.9999987317715e-06",
+ "strict-transport-security": "max-age=15724800; includeSubDomains",
+ "vary": "Accept-Encoding"
+ },
+ "body": "Not found"
+ }
+ ```
+
+
+ 45. SHOULD use 200 status code with errors field on array {extensions} parameter when accepting application/json
+
+
+ Response status code is not 200
+
+ ```json
+ {
+ "status": 404,
+ "statusText": "Not Found",
+ "headers": {
+ "access-control-allow-origin": "*",
+ "cf-cache-status": "DYNAMIC",
+ "cf-ray": "78b283f04c3159b6-IAD",
+ "connection": "close",
+ "content-length": "9",
+ "content-type": "text/plain",
+ "date": "Tue, 17 Jan 2023 22:26:56 GMT",
+ "server": "cloudflare",
+ "server-timing": "cf-q-config;dur=6.9999987317715e-06",
+ "strict-transport-security": "max-age=15724800; includeSubDomains",
+ "vary": "Accept-Encoding"
+ },
+ "body": "Not found"
+ }
+ ```
+
+
+ 46. SHOULD allow map {extensions} parameter when accepting application/graphql-response+json
+
+
+ Response status code is not 200
+
+ ```json
+ {
+ "status": 404,
+ "statusText": "Not Found",
+ "headers": {
+ "access-control-allow-origin": "*",
+ "cf-cache-status": "DYNAMIC",
+ "cf-ray": "78b283ef6b9905ed-IAD",
+ "connection": "close",
+ "content-length": "9",
+ "content-type": "text/plain",
+ "date": "Tue, 17 Jan 2023 22:26:56 GMT",
+ "server": "cloudflare",
+ "server-timing": "cf-q-config;dur=6.9999987317715e-06",
+ "strict-transport-security": "max-age=15724800; includeSubDomains",
+ "vary": "Accept-Encoding"
+ },
+ "body": "Not found"
+ }
+ ```
+
+
+ 47. SHOULD use 200 status code on JSON parsing failure when accepting application/json
+
+
+ Response status code is not 200
+
+ ```json
+ {
+ "status": 404,
+ "statusText": "Not Found",
+ "headers": {
+ "access-control-allow-origin": "*",
+ "cf-cache-status": "DYNAMIC",
+ "cf-ray": "78b283f02cce2412-IAD",
+ "connection": "close",
+ "content-length": "9",
+ "content-type": "text/plain",
+ "date": "Tue, 17 Jan 2023 22:26:56 GMT",
+ "server": "cloudflare",
+ "server-timing": "cf-q-config;dur=8.000002708286e-06",
+ "strict-transport-security": "max-age=15724800; includeSubDomains",
+ "vary": "Accept-Encoding"
+ },
+ "body": "Not found"
+ }
+ ```
+
+
+ 48. SHOULD use 200 status code if parameters are invalid when accepting application/json
+
+
+ Response status code is not 200
+
+ ```json
+ {
+ "status": 404,
+ "statusText": "Not Found",
+ "headers": {
+ "access-control-allow-origin": "*",
+ "cf-cache-status": "DYNAMIC",
+ "cf-ray": "78b283f06c382d22-IAD",
+ "connection": "close",
+ "content-length": "9",
+ "content-type": "text/plain",
+ "date": "Tue, 17 Jan 2023 22:26:56 GMT",
+ "server": "cloudflare",
+ "server-timing": "cf-q-config;dur=5.0000016926788e-06",
+ "strict-transport-security": "max-age=15724800; includeSubDomains",
+ "vary": "Accept-Encoding"
+ },
+ "body": "Not found"
+ }
+ ```
+
+
+ 49. SHOULD use 200 status code on document parsing failure when accepting application/json
+
+
+ Response status code is not 200
+
+ ```json
+ {
+ "status": 404,
+ "statusText": "Not Found",
+ "headers": {
+ "access-control-allow-origin": "*",
+ "cf-cache-status": "DYNAMIC",
+ "cf-ray": "78b283f06f3c9c82-IAD",
+ "connection": "close",
+ "content-length": "9",
+ "content-type": "text/plain",
+ "date": "Tue, 17 Jan 2023 22:26:56 GMT",
+ "server": "cloudflare",
+ "server-timing": "cf-q-config;dur=5.9999983932357e-06",
+ "strict-transport-security": "max-age=15724800; includeSubDomains",
+ "vary": "Accept-Encoding"
+ },
+ "body": "Not found"
+ }
+ ```
+
+
+ 50. SHOULD use 200 status code on document validation failure when accepting application/json
+
+
+ Response status code is not 200
+
+ ```json
+ {
+ "status": 404,
+ "statusText": "Not Found",
+ "headers": {
+ "access-control-allow-origin": "*",
+ "cf-cache-status": "DYNAMIC",
+ "cf-ray": "78b283f05d347fc3-IAD",
+ "connection": "close",
+ "content-length": "9",
+ "content-type": "text/plain",
+ "date": "Tue, 17 Jan 2023 22:26:56 GMT",
+ "server": "cloudflare",
+ "server-timing": "cf-q-config;dur=6.9999987317715e-06",
+ "strict-transport-security": "max-age=15724800; includeSubDomains",
+ "vary": "Accept-Encoding"
+ },
+ "body": "Not found"
+ }
+ ```
+
+
+ 51. SHOULD use 400 status code on JSON parsing failure when accepting application/graphql-response+json
+
+
+ Response status code is not 400
+
+ ```json
+ {
+ "status": 404,
+ "statusText": "Not Found",
+ "headers": {
+ "access-control-allow-origin": "*",
+ "cf-cache-status": "DYNAMIC",
+ "cf-ray": "78b283ef6f0682ec-IAD",
+ "connection": "close",
+ "content-length": "9",
+ "content-type": "text/plain",
+ "date": "Tue, 17 Jan 2023 22:26:56 GMT",
+ "server": "cloudflare",
+ "server-timing": "cf-q-config;dur=5.9999983932357e-06",
+ "strict-transport-security": "max-age=15724800; includeSubDomains",
+ "vary": "Accept-Encoding"
+ },
+ "body": "Not found"
+ }
+ ```
+
+
+ 52. SHOULD not contain the data entry on JSON parsing failure when accepting application/graphql-response+json
+
+
+ Response body is not valid JSON
+
+ ```json
+ {
+ "status": 404,
+ "statusText": "Not Found",
+ "headers": {
+ "access-control-allow-origin": "*",
+ "cf-cache-status": "DYNAMIC",
+ "cf-ray": "78b283f06ec0cf5c-IAD",
+ "connection": "close",
+ "content-length": "9",
+ "content-type": "text/plain",
+ "date": "Tue, 17 Jan 2023 22:26:56 GMT",
+ "server": "cloudflare",
+ "server-timing": "cf-q-config;dur=7.9999990703072e-06",
+ "strict-transport-security": "max-age=15724800; includeSubDomains",
+ "vary": "Accept-Encoding"
+ }
+ }
+ ```
+
+
+ 53. SHOULD use 400 status code if parameters are invalid when accepting application/graphql-response+json
+
+
+ Response status code is not 400
+
+ ```json
+ {
+ "status": 404,
+ "statusText": "Not Found",
+ "headers": {
+ "access-control-allow-origin": "*",
+ "cf-cache-status": "DYNAMIC",
+ "cf-ray": "78b283efaff2172f-IAD",
+ "connection": "close",
+ "content-length": "9",
+ "content-type": "text/plain",
+ "date": "Tue, 17 Jan 2023 22:26:56 GMT",
+ "server": "cloudflare",
+ "server-timing": "cf-q-config;dur=6.9999987317715e-06",
+ "strict-transport-security": "max-age=15724800; includeSubDomains",
+ "vary": "Accept-Encoding"
+ },
+ "body": "Not found"
+ }
+ ```
+
+
+ 54. SHOULD not contain the data entry if parameters are invalid when accepting application/graphql-response+json
+
+
+ Response body is not valid JSON
+
+ ```json
+ {
+ "status": 404,
+ "statusText": "Not Found",
+ "headers": {
+ "access-control-allow-origin": "*",
+ "cf-cache-status": "DYNAMIC",
+ "cf-ray": "78b283efb9290580-IAD",
+ "connection": "close",
+ "content-length": "9",
+ "content-type": "text/plain",
+ "date": "Tue, 17 Jan 2023 22:26:56 GMT",
+ "server": "cloudflare",
+ "server-timing": "cf-q-config;dur=6.9999987317715e-06",
+ "strict-transport-security": "max-age=15724800; includeSubDomains",
+ "vary": "Accept-Encoding"
+ }
+ }
+ ```
+
+
+ 55. SHOULD use 400 status code on document parsing failure when accepting application/graphql-response+json
+
+
+ Response status code is not 400
+
+ ```json
+ {
+ "status": 404,
+ "statusText": "Not Found",
+ "headers": {
+ "access-control-allow-origin": "*",
+ "cf-cache-status": "DYNAMIC",
+ "cf-ray": "78b283f05bdacecc-IAD",
+ "connection": "close",
+ "content-length": "9",
+ "content-type": "text/plain",
+ "date": "Tue, 17 Jan 2023 22:26:56 GMT",
+ "server": "cloudflare",
+ "server-timing": "cf-q-config;dur=7.0000005507609e-06",
+ "strict-transport-security": "max-age=15724800; includeSubDomains",
+ "vary": "Accept-Encoding"
+ },
+ "body": "Not found"
+ }
+ ```
+
+
+ 56. SHOULD not contain the data entry on document parsing failure when accepting application/graphql-response+json
+
+
+ Response body is not valid JSON
+
+ ```json
+ {
+ "status": 404,
+ "statusText": "Not Found",
+ "headers": {
+ "access-control-allow-origin": "*",
+ "cf-cache-status": "DYNAMIC",
+ "cf-ray": "78b283efb91181a5-IAD",
+ "connection": "close",
+ "content-length": "9",
+ "content-type": "text/plain",
+ "date": "Tue, 17 Jan 2023 22:26:56 GMT",
+ "server": "cloudflare",
+ "server-timing": "cf-q-config;dur=4.9999980547e-06",
+ "strict-transport-security": "max-age=15724800; includeSubDomains",
+ "vary": "Accept-Encoding"
+ }
+ }
+ ```
+
+
+ 57. SHOULD use 400 status code on document validation failure when accepting application/graphql-response+json
+
+
+ Response status code is not 400
+
+ ```json
+ {
+ "status": 404,
+ "statusText": "Not Found",
+ "headers": {
+ "access-control-allow-origin": "*",
+ "cf-cache-status": "DYNAMIC",
+ "cf-ray": "78b283f05a47828a-IAD",
+ "connection": "close",
+ "content-length": "9",
+ "content-type": "text/plain",
+ "date": "Tue, 17 Jan 2023 22:26:56 GMT",
+ "server": "cloudflare",
+ "server-timing": "cf-q-config;dur=8.0000008892966e-06",
+ "strict-transport-security": "max-age=15724800; includeSubDomains",
+ "vary": "Accept-Encoding"
+ },
+ "body": "Not found"
+ }
+ ```
+
+
+ 58. SHOULD not contain the data entry on document validation failure when accepting application/graphql-response+json
+
+
+ Response body is not valid JSON
+
+ ```json
+ {
+ "status": 404,
+ "statusText": "Not Found",
+ "headers": {
+ "access-control-allow-origin": "*",
+ "cf-cache-status": "DYNAMIC",
+ "cf-ray": "78b283f0391982c9-IAD",
+ "connection": "close",
+ "content-length": "9",
+ "content-type": "text/plain",
+ "date": "Tue, 17 Jan 2023 22:26:56 GMT",
+ "server": "cloudflare",
+ "server-timing": "cf-q-config;dur=5.9999983932357e-06",
+ "strict-transport-security": "max-age=15724800; includeSubDomains",
+ "vary": "Accept-Encoding"
+ }
+ }
+ ```
+
+
## Errors
The server _MUST_ support these.
-1. MUST accept application/json and match the content-type
-```
-Status code 404 is not 200
-```
-2. MUST use utf-8 encoding when responding
-```
-Status code 404 is not 200
-```
-3. MUST accept utf-8 encoding
-```
-Status code 404 is not 200
-```
-4. MUST assume utf-8 if encoding is unspecified
-```
-Status code 404 is not 200
-```
-5. MUST accept POST requests
-```
-Status code 404 is not 200
-```
-6. MUST accept application/json POST requests
-```
-Status code 404 is not 200
-```
-7. MUST require a request body on POST
-```
-Status code 404 is not 400
-```
-8. MUST allow string {query} parameter when accepting application/json
-```
-Status code 404 is not 200
-```
-9. MUST allow string {operationName} parameter when accepting application/json
-```
-Status code 404 is not 200
-```
-10. MUST allow null {variables} parameter when accepting application/json
-```
-Status code 404 is not 200
-```
-11. MUST allow null {operationName} parameter when accepting application/json
-```
-Status code 404 is not 200
-```
-12. MUST allow null {extensions} parameter when accepting application/json
-```
-Status code 404 is not 200
-```
-13. MUST allow map {variables} parameter when accepting application/json
-```
-Status code 404 is not 200
-```
-14. MUST allow map {extensions} parameter when accepting application/json
-```
-Status code 404 is not 200
-```
+
+ 1. MUST accept application/json and match the content-type
+
+
+ Response status code is not 200
+
+ ```json
+ {
+ "status": 404,
+ "statusText": "Not Found",
+ "headers": {
+ "access-control-allow-origin": "*",
+ "cf-cache-status": "DYNAMIC",
+ "cf-ray": "78b283efbab482b0-IAD",
+ "connection": "close",
+ "content-length": "9",
+ "content-type": "text/plain",
+ "date": "Tue, 17 Jan 2023 22:26:56 GMT",
+ "server": "cloudflare",
+ "server-timing": "cf-q-config;dur=6.9999987317715e-06",
+ "strict-transport-security": "max-age=15724800; includeSubDomains",
+ "vary": "Accept-Encoding"
+ },
+ "body": "Not found"
+ }
+ ```
+
+
+ 2. MUST use utf-8 encoding when responding
+
+
+ Response status code is not 200
+
+ ```json
+ {
+ "status": 404,
+ "statusText": "Not Found",
+ "headers": {
+ "access-control-allow-origin": "*",
+ "cf-cache-status": "DYNAMIC",
+ "cf-ray": "78b283efeed956bc-IAD",
+ "connection": "close",
+ "content-length": "9",
+ "content-type": "text/plain",
+ "date": "Tue, 17 Jan 2023 22:26:56 GMT",
+ "server": "cloudflare",
+ "server-timing": "cf-q-config;dur=8.999999408843e-06",
+ "strict-transport-security": "max-age=15724800; includeSubDomains",
+ "vary": "Accept-Encoding"
+ },
+ "body": "Not found"
+ }
+ ```
+
+
+ 3. MUST accept utf-8 encoding
+
+
+ Response status code is not 200
+
+ ```json
+ {
+ "status": 404,
+ "statusText": "Not Found",
+ "headers": {
+ "access-control-allow-origin": "*",
+ "cf-cache-status": "DYNAMIC",
+ "cf-ray": "78b283efcc6d1765-IAD",
+ "connection": "close",
+ "content-length": "9",
+ "content-type": "text/plain",
+ "date": "Tue, 17 Jan 2023 22:26:56 GMT",
+ "server": "cloudflare",
+ "server-timing": "cf-q-config;dur=8.999999408843e-06",
+ "strict-transport-security": "max-age=15724800; includeSubDomains",
+ "vary": "Accept-Encoding"
+ },
+ "body": "Not found"
+ }
+ ```
+
+
+ 4. MUST assume utf-8 if encoding is unspecified
+
+
+ Response status code is not 200
+
+ ```json
+ {
+ "status": 404,
+ "statusText": "Not Found",
+ "headers": {
+ "access-control-allow-origin": "*",
+ "cf-cache-status": "DYNAMIC",
+ "cf-ray": "78b283efe9e837f3-IAD",
+ "connection": "close",
+ "content-length": "9",
+ "content-type": "text/plain",
+ "date": "Tue, 17 Jan 2023 22:26:56 GMT",
+ "server": "cloudflare",
+ "server-timing": "cf-q-config;dur=5.9999983932357e-06",
+ "strict-transport-security": "max-age=15724800; includeSubDomains",
+ "vary": "Accept-Encoding"
+ },
+ "body": "Not found"
+ }
+ ```
+
+
+ 5. MUST accept POST requests
+
+
+ Response status code is not 200
+
+ ```json
+ {
+ "status": 404,
+ "statusText": "Not Found",
+ "headers": {
+ "access-control-allow-origin": "*",
+ "cf-cache-status": "DYNAMIC",
+ "cf-ray": "78b283efdb4457c7-IAD",
+ "connection": "close",
+ "content-length": "9",
+ "content-type": "text/plain",
+ "date": "Tue, 17 Jan 2023 22:26:56 GMT",
+ "server": "cloudflare",
+ "server-timing": "cf-q-config;dur=1.3000000762986e-05",
+ "strict-transport-security": "max-age=15724800; includeSubDomains",
+ "vary": "Accept-Encoding"
+ },
+ "body": "Not found"
+ }
+ ```
+
+
+ 6. MUST accept application/json POST requests
+
+
+ Response status code is not 200
+
+ ```json
+ {
+ "status": 404,
+ "statusText": "Not Found",
+ "headers": {
+ "access-control-allow-origin": "*",
+ "cf-cache-status": "DYNAMIC",
+ "cf-ray": "78b283ef095e56e6-IAD",
+ "connection": "close",
+ "content-length": "9",
+ "content-type": "text/plain",
+ "date": "Tue, 17 Jan 2023 22:26:56 GMT",
+ "server": "cloudflare",
+ "server-timing": "cf-q-config;dur=5.9999983932357e-06",
+ "strict-transport-security": "max-age=15724800; includeSubDomains",
+ "vary": "Accept-Encoding"
+ },
+ "body": "Not found"
+ }
+ ```
+
+
+ 7. MUST require a request body on POST
+
+
+ Response status code is not 400
+
+ ```json
+ {
+ "status": 404,
+ "statusText": "Not Found",
+ "headers": {
+ "access-control-allow-origin": "*",
+ "cf-cache-status": "DYNAMIC",
+ "cf-ray": "78b283ef29b80618-IAD",
+ "connection": "close",
+ "content-length": "9",
+ "content-type": "text/plain",
+ "date": "Tue, 17 Jan 2023 22:26:56 GMT",
+ "server": "cloudflare",
+ "server-timing": "cf-q-config;dur=7.0000023697503e-06",
+ "strict-transport-security": "max-age=15724800; includeSubDomains",
+ "vary": "Accept-Encoding"
+ },
+ "body": "Not found"
+ }
+ ```
+
+
+ 8. MUST allow string {query} parameter when accepting application/json
+
+
+ Response status code is not 200
+
+ ```json
+ {
+ "status": 404,
+ "statusText": "Not Found",
+ "headers": {
+ "access-control-allow-origin": "*",
+ "cf-cache-status": "DYNAMIC",
+ "cf-ray": "78b283f02ecb5764-IAD",
+ "connection": "close",
+ "content-length": "9",
+ "content-type": "text/plain",
+ "date": "Tue, 17 Jan 2023 22:26:56 GMT",
+ "server": "cloudflare",
+ "server-timing": "cf-q-config;dur=7.0000023697503e-06",
+ "strict-transport-security": "max-age=15724800; includeSubDomains",
+ "vary": "Accept-Encoding"
+ },
+ "body": "Not found"
+ }
+ ```
+
+
+ 9. MUST allow string {operationName} parameter when accepting application/json
+
+
+ Response status code is not 200
+
+ ```json
+ {
+ "status": 404,
+ "statusText": "Not Found",
+ "headers": {
+ "access-control-allow-origin": "*",
+ "cf-cache-status": "DYNAMIC",
+ "cf-ray": "78b283ef5ffa200f-IAD",
+ "connection": "close",
+ "content-length": "9",
+ "content-type": "text/plain",
+ "date": "Tue, 17 Jan 2023 22:26:56 GMT",
+ "server": "cloudflare",
+ "server-timing": "cf-q-config;dur=7.0000023697503e-06",
+ "strict-transport-security": "max-age=15724800; includeSubDomains",
+ "vary": "Accept-Encoding"
+ },
+ "body": "Not found"
+ }
+ ```
+
+
+ 10. MUST allow null {variables} parameter when accepting application/json
+
+
+ Response status code is not 200
+
+ ```json
+ {
+ "status": 404,
+ "statusText": "Not Found",
+ "headers": {
+ "access-control-allow-origin": "*",
+ "cf-cache-status": "DYNAMIC",
+ "cf-ray": "78b283ef6d1874a3-IAD",
+ "connection": "close",
+ "content-length": "9",
+ "content-type": "text/plain",
+ "date": "Tue, 17 Jan 2023 22:26:56 GMT",
+ "server": "cloudflare",
+ "server-timing": "cf-q-config;dur=8.0000008892966e-06",
+ "strict-transport-security": "max-age=15724800; includeSubDomains",
+ "vary": "Accept-Encoding"
+ },
+ "body": "Not found"
+ }
+ ```
+
+
+ 11. MUST allow null {operationName} parameter when accepting application/json
+
+
+ Response status code is not 200
+
+ ```json
+ {
+ "status": 404,
+ "statusText": "Not Found",
+ "headers": {
+ "access-control-allow-origin": "*",
+ "cf-cache-status": "DYNAMIC",
+ "cf-ray": "78b283ef99c7c175-IAD",
+ "connection": "close",
+ "content-length": "9",
+ "content-type": "text/plain",
+ "date": "Tue, 17 Jan 2023 22:26:56 GMT",
+ "server": "cloudflare",
+ "server-timing": "cf-q-config;dur=7.0000005507609e-06",
+ "strict-transport-security": "max-age=15724800; includeSubDomains",
+ "vary": "Accept-Encoding"
+ },
+ "body": "Not found"
+ }
+ ```
+
+
+ 12. MUST allow null {extensions} parameter when accepting application/json
+
+
+ Response status code is not 200
+
+ ```json
+ {
+ "status": 404,
+ "statusText": "Not Found",
+ "headers": {
+ "access-control-allow-origin": "*",
+ "cf-cache-status": "DYNAMIC",
+ "cf-ray": "78b283ef4e9f59a3-IAD",
+ "connection": "close",
+ "content-length": "9",
+ "content-type": "text/plain",
+ "date": "Tue, 17 Jan 2023 22:26:56 GMT",
+ "server": "cloudflare",
+ "server-timing": "cf-q-config;dur=6.0000020312145e-06",
+ "strict-transport-security": "max-age=15724800; includeSubDomains",
+ "vary": "Accept-Encoding"
+ },
+ "body": "Not found"
+ }
+ ```
+
+
+ 13. MUST allow map {variables} parameter when accepting application/json
+
+
+ Response status code is not 200
+
+ ```json
+ {
+ "status": 404,
+ "statusText": "Not Found",
+ "headers": {
+ "access-control-allow-origin": "*",
+ "cf-cache-status": "DYNAMIC",
+ "cf-ray": "78b283f03f3d242b-IAD",
+ "connection": "close",
+ "content-length": "9",
+ "content-type": "text/plain",
+ "date": "Tue, 17 Jan 2023 22:26:56 GMT",
+ "server": "cloudflare",
+ "server-timing": "cf-q-config;dur=8.999999408843e-06",
+ "strict-transport-security": "max-age=15724800; includeSubDomains",
+ "vary": "Accept-Encoding"
+ },
+ "body": "Not found"
+ }
+ ```
+
+
+ 14. MUST allow map {extensions} parameter when accepting application/json
+
+
+ Response status code is not 200
+
+ ```json
+ {
+ "status": 404,
+ "statusText": "Not Found",
+ "headers": {
+ "access-control-allow-origin": "*",
+ "cf-cache-status": "DYNAMIC",
+ "cf-ray": "78b283f02da15767-IAD",
+ "connection": "close",
+ "content-length": "9",
+ "content-type": "text/plain",
+ "date": "Tue, 17 Jan 2023 22:26:56 GMT",
+ "server": "cloudflare",
+ "server-timing": "cf-q-config;dur=8.000002708286e-06",
+ "strict-transport-security": "max-age=15724800; includeSubDomains",
+ "vary": "Accept-Encoding"
+ },
+ "body": "Not found"
+ }
+ ```
+
+
diff --git a/scripts/audit-implementation.mjs b/scripts/audit-implementation.mjs
index 16115b9b..5db53d46 100644
--- a/scripts/audit-implementation.mjs
+++ b/scripts/audit-implementation.mjs
@@ -130,24 +130,18 @@ async function createReport(results) {
if (grouped.warn.length) {
report += `## Warnings\n`;
- report += `The server _SHOULD_ support these, but is not required.\n`;
+ report += `The server _SHOULD_ support these, but is not required.\n\n`;
for (const [i, result] of grouped.warn.entries()) {
- report += `${i + 1}. ${escapeMarkdown(result.name)} \n`;
- report += '```\n';
- report += `${truncate(result.reason)}\n`;
- report += '```\n';
+ report += await printAuditFail(result, i);
}
report += '\n';
}
if (grouped.error.length) {
report += `## Errors\n`;
- report += `The server _MUST_ support these.\n`;
+ report += `The server _MUST_ support these.\n\n`;
for (const [i, result] of grouped.error.entries()) {
- report += `${i + 1}. ${escapeMarkdown(result.name)} \n`;
- report += '```\n';
- report += `${truncate(result.reason)}\n`;
- report += '```\n';
+ report += await printAuditFail(result, i);
}
}
@@ -163,6 +157,52 @@ async function createReport(results) {
};
}
+/**
+ * @param {AuditFail} result
+ * @param {number} i
+ */
+async function printAuditFail(result, i) {
+ let indent = ' ';
+ let report = '';
+ report += indent + `${i + 1}. ${escapeMarkdown(result.name)} \n\n`;
+ indent += indent + ' '; // double the indent for details
+ report += indent + '\n';
+ report += indent + `${truncate(result.reason)}\n`;
+ report += indent + '\n';
+ report += indent + '```json\n';
+ const res = result.response;
+ /** @type {Record} */
+ const headers = {};
+ for (const [key, val] of res.headers.entries()) {
+ headers[key] = val;
+ }
+ let text, json;
+ try {
+ text = await res.text();
+ json = JSON.parse(text);
+ } catch {
+ // noop
+ }
+ const stringified = JSON.stringify(
+ {
+ status: res.status,
+ statusText: res.statusText,
+ headers,
+ body: json || text,
+ },
+ null,
+ 2,
+ );
+ // adding indentation to stringify doesnt work, just indent each line
+ for (const line of stringified.split('\n')) {
+ report += indent + line + '\n';
+ }
+ report += indent + '```\n';
+ report += indent + '\n';
+ report += indent + '\n';
+ return report;
+}
+
/**
* @param {string} str
*/
diff --git a/src/audits/common.ts b/src/audits/common.ts
index 21ef4a16..7fa15e86 100644
--- a/src/audits/common.ts
+++ b/src/audits/common.ts
@@ -54,6 +54,7 @@ export interface AuditFail {
name: AuditName;
status: 'warn' | 'error';
reason: string;
+ response: Response;
}
/**
diff --git a/src/audits/server.ts b/src/audits/server.ts
index 30651cba..e3122555 100644
--- a/src/audits/server.ts
+++ b/src/audits/server.ts
@@ -5,12 +5,7 @@
*/
import { Audit, AuditResult } from './common';
-import {
- assert,
- assertBodyAsExecutionResult,
- audit,
- extendedTypeof,
-} from './utils';
+import { ressert, audit, extendedTypeof, AuditError } from './utils';
/**
* Options for server audits required to check GraphQL over HTTP spec conformance.
@@ -56,11 +51,10 @@ export function serverAudits(opts: ServerAuditOptions): Audit[] {
},
body: JSON.stringify({ query: '{ __typename }' }),
});
- assert('Status code', res.status).toBe(200);
- assert(
- 'Content-Type header',
- res.headers.get('content-type'),
- ).toContain('application/graphql-response+json');
+ ressert(res).status.toBe(200);
+ ressert(res)
+ .header('content-type')
+ .toContain('application/graphql-response+json');
},
),
audit(
@@ -74,11 +68,8 @@ export function serverAudits(opts: ServerAuditOptions): Audit[] {
},
body: JSON.stringify({ query: '{ __typename }' }),
});
- assert('Status code', res.status).toBe(200);
- assert(
- 'Content-Type header',
- res.headers.get('content-type'),
- ).toContain('application/json');
+ ressert(res).status.toBe(200);
+ ressert(res).header('content-type').toContain('application/json');
},
),
audit(
@@ -92,11 +83,8 @@ export function serverAudits(opts: ServerAuditOptions): Audit[] {
},
body: JSON.stringify({ query: '{ __typename }' }),
});
- assert('Status code', res.status).toBe(200);
- assert(
- 'Content-Type header',
- res.headers.get('content-type'),
- ).toContain('application/json');
+ ressert(res).status.toBe(200);
+ ressert(res).header('content-type').toContain('application/json');
},
),
audit(
@@ -106,11 +94,8 @@ export function serverAudits(opts: ServerAuditOptions): Audit[] {
url.searchParams.set('query', '{ __typename }');
const res = await fetchFn(url.toString());
- assert('Status code', res.status).toBe(200);
- assert(
- 'Content-Type header',
- res.headers.get('content-type'),
- ).toContain('application/json');
+ ressert(res).status.toBe(200);
+ ressert(res).header('content-type').toContain('application/json');
},
),
audit('MUST use utf-8 encoding when responding', async () => {
@@ -121,34 +106,32 @@ export function serverAudits(opts: ServerAuditOptions): Audit[] {
},
body: JSON.stringify({ query: '{ __typename }' }),
});
- assert('Status code', res.status).toBe(200);
+ ressert(res).status.toBe(200);
// has charset set to utf-8
try {
- assert(
- 'Content-Type header',
- res.headers.get('content-type'),
- ).toContain('charset=utf-8');
+ ressert(res).header('content-type').toContain('charset=utf-8');
return;
} catch {
// noop, continue
}
// has no charset specified
- assert(
- 'Content-Type header',
- res.headers.get('content-type'),
- ).notToContain('charset');
+ ressert(res).header('content-type').notToContain('charset');
// and the content is utf-8 encoded
try {
const decoder = new TextDecoder('utf-8');
const decoded = decoder.decode(await res.arrayBuffer());
- assert('UTF-8 decoded body', decoded).toBe(
- '{"data":{"__typename":"Query"}}',
- );
+ const expected = '{"data":{"__typename":"Query"}}';
+ if (decoded !== expected) {
+ throw new AuditError(
+ res,
+ `Response UTF-8 decoded body is not '${expected}'`,
+ );
+ }
} catch {
- throw 'Body is not UTF-8 encoded';
+ throw new AuditError(res, 'Response body is not UTF-8 encoded');
}
}),
audit('MUST accept utf-8 encoding', async () => {
@@ -160,10 +143,8 @@ export function serverAudits(opts: ServerAuditOptions): Audit[] {
body: JSON.stringify({ query: '{ __typename }' }),
});
- assert('Status code', res.status).toBe(200);
- assert('Content-Type header', res.headers.get('content-type')).toContain(
- 'utf-8',
- );
+ ressert(res).status.toBe(200);
+ ressert(res).header('content-type').toContain('utf-8');
}),
audit('MUST assume utf-8 if encoding is unspecified', async () => {
const res = await fetchFn(await getUrl(opts.url), {
@@ -174,10 +155,8 @@ export function serverAudits(opts: ServerAuditOptions): Audit[] {
body: JSON.stringify({ query: '{ __typename }' }),
});
- assert('Status code', res.status).toBe(200);
- assert('Content-Type header', res.headers.get('content-type')).toContain(
- 'utf-8',
- );
+ ressert(res).status.toBe(200);
+ ressert(res).header('content-type').toContain('utf-8');
}),
// Request
audit('MUST accept POST requests', async () => {
@@ -186,7 +165,7 @@ export function serverAudits(opts: ServerAuditOptions): Audit[] {
headers: { 'content-type': 'application/json' },
body: JSON.stringify({ query: '{ __typename }' }),
});
- assert('Status code', res.status).toBe(200);
+ ressert(res).status.toBe(200);
}),
audit(
'MAY accept application/x-www-form-urlencoded formatted GET requests',
@@ -195,7 +174,7 @@ export function serverAudits(opts: ServerAuditOptions): Audit[] {
url.searchParams.set('query', '{ __typename }');
const res = await fetchFn(url.toString());
- assert('Status code', res.status).toBe(200);
+ ressert(res).status.toBe(200);
},
),
// Request GET
@@ -209,7 +188,7 @@ export function serverAudits(opts: ServerAuditOptions): Audit[] {
accept: 'application/graphql-response+json',
},
});
- assert('Status code', res.status).toBeBetween(400, 499);
+ ressert(res).status.toBeBetween(400, 499);
}),
// Request POST
audit(
@@ -218,7 +197,7 @@ export function serverAudits(opts: ServerAuditOptions): Audit[] {
const res = await fetchFn(await getUrl(opts.url), {
method: 'POST',
});
- assert('Status code', res.status).toBeBetween(400, 499);
+ ressert(res).status.toBeBetween(400, 499);
},
),
audit('MUST accept application/json POST requests', async () => {
@@ -227,7 +206,7 @@ export function serverAudits(opts: ServerAuditOptions): Audit[] {
headers: { 'content-type': 'application/json' },
body: JSON.stringify({ query: '{ __typename }' }),
});
- assert('Status code', res.status).toBe(200);
+ ressert(res).status.toBe(200);
}),
audit('MUST require a request body on POST', async () => {
const res = await fetchFn(await getUrl(opts.url), {
@@ -235,12 +214,9 @@ export function serverAudits(opts: ServerAuditOptions): Audit[] {
headers: { 'content-type': 'application/json' },
});
if (res.headers.get('content-type')?.includes('application/json')) {
- assert(
- 'Execution result',
- await assertBodyAsExecutionResult(res),
- ).toHaveProperty('errors');
+ await ressert(res).bodyAsExecutionResult.toHaveProperty('errors');
} else {
- assert('Status code', res.status).toBe(400);
+ ressert(res).status.toBe(400);
}
}),
// Request Parameters
@@ -256,7 +232,7 @@ export function serverAudits(opts: ServerAuditOptions): Audit[] {
},
body: JSON.stringify({ notquery: '{ __typename }' }),
});
- assert('Status code', res.status).toBe(400);
+ ressert(res).status.toBe(400);
},
),
audit(
@@ -270,11 +246,8 @@ export function serverAudits(opts: ServerAuditOptions): Audit[] {
},
body: JSON.stringify({ notquery: '{ __typename }' }),
});
- assert('Status code', res.status).toBe(200);
- assert(
- 'Execution result',
- await assertBodyAsExecutionResult(res),
- ).toHaveProperty('errors');
+ ressert(res).status.toBe(200);
+ await ressert(res).bodyAsExecutionResult.toHaveProperty('errors');
},
),
...[{ obj: 'ect' }, 0, false, ['array']].map((invalid) =>
@@ -294,7 +267,7 @@ export function serverAudits(opts: ServerAuditOptions): Audit[] {
query: invalid,
}),
});
- assert('Status code', res.status).toBe(400);
+ ressert(res).status.toBe(400);
},
),
),
@@ -314,11 +287,8 @@ export function serverAudits(opts: ServerAuditOptions): Audit[] {
query: invalid,
}),
});
- assert('Status code', res.status).toBe(200);
- assert(
- 'Execution result',
- await assertBodyAsExecutionResult(res),
- ).toHaveProperty('errors');
+ ressert(res).status.toBe(200);
+ await ressert(res).bodyAsExecutionResult.toHaveProperty('errors');
},
),
),
@@ -336,7 +306,7 @@ export function serverAudits(opts: ServerAuditOptions): Audit[] {
query: '{ __typename }',
}),
});
- assert('Status code', res.status).toBe(200);
+ ressert(res).status.toBe(200);
},
),
audit(
@@ -352,11 +322,8 @@ export function serverAudits(opts: ServerAuditOptions): Audit[] {
query: '{ __typename }',
}),
});
- assert('Status code', res.status).toBe(200);
- assert(
- 'Execution result',
- await assertBodyAsExecutionResult(res),
- ).notToHaveProperty('errors');
+ ressert(res).status.toBe(200);
+ await ressert(res).bodyAsExecutionResult.notToHaveProperty('errors');
},
),
...[{ obj: 'ect' }, 0, false, ['array']].map((invalid) =>
@@ -377,7 +344,7 @@ export function serverAudits(opts: ServerAuditOptions): Audit[] {
query: '{ __typename }',
}),
});
- assert('Status code', res.status).toBe(400);
+ ressert(res).status.toBe(400);
},
),
),
@@ -398,11 +365,8 @@ export function serverAudits(opts: ServerAuditOptions): Audit[] {
query: '{ __typename }',
}),
});
- assert('Status code', res.status).toBe(200);
- assert(
- 'Execution result',
- await assertBodyAsExecutionResult(res),
- ).toHaveProperty('errors');
+ ressert(res).status.toBe(200);
+ await ressert(res).bodyAsExecutionResult.toHaveProperty('errors');
},
),
),
@@ -421,7 +385,7 @@ export function serverAudits(opts: ServerAuditOptions): Audit[] {
query: 'query Query { __typename }',
}),
});
- assert('Status code', res.status).toBe(200);
+ ressert(res).status.toBe(200);
},
),
audit(
@@ -438,11 +402,8 @@ export function serverAudits(opts: ServerAuditOptions): Audit[] {
query: 'query Query { __typename }',
}),
});
- assert('Status code', res.status).toBe(200);
- assert(
- 'Execution result',
- await assertBodyAsExecutionResult(res),
- ).notToHaveProperty('errors');
+ ressert(res).status.toBe(200);
+ await ressert(res).bodyAsExecutionResult.notToHaveProperty('errors');
},
),
...['variables', 'operationName', 'extensions'].flatMap((parameter) => [
@@ -461,11 +422,8 @@ export function serverAudits(opts: ServerAuditOptions): Audit[] {
[parameter]: null,
}),
});
- assert('Status code', res.status).toBe(200);
- assert(
- 'Execution result',
- await assertBodyAsExecutionResult(res),
- ).notToHaveProperty('errors');
+ ressert(res).status.toBe(200);
+ await ressert(res).bodyAsExecutionResult.notToHaveProperty('errors');
},
),
audit(
@@ -482,11 +440,8 @@ export function serverAudits(opts: ServerAuditOptions): Audit[] {
[parameter]: null,
}),
});
- assert('Status code', res.status).toBe(200);
- assert(
- 'Execution result',
- await assertBodyAsExecutionResult(res),
- ).notToHaveProperty('errors');
+ ressert(res).status.toBe(200);
+ await ressert(res).bodyAsExecutionResult.notToHaveProperty('errors');
},
),
]),
@@ -508,7 +463,7 @@ export function serverAudits(opts: ServerAuditOptions): Audit[] {
variables: invalid,
}),
});
- assert('Status code', res.status).toBe(400);
+ ressert(res).status.toBe(400);
},
),
),
@@ -529,11 +484,8 @@ export function serverAudits(opts: ServerAuditOptions): Audit[] {
variables: invalid,
}),
});
- assert('Status code', res.status).toBe(200);
- assert(
- 'Execution result',
- await assertBodyAsExecutionResult(res),
- ).toHaveProperty('errors');
+ ressert(res).status.toBe(200);
+ await ressert(res).bodyAsExecutionResult.toHaveProperty('errors');
},
),
),
@@ -553,7 +505,7 @@ export function serverAudits(opts: ServerAuditOptions): Audit[] {
variables: { name: 'sometype' },
}),
});
- assert('Status code', res.status).toBe(200);
+ ressert(res).status.toBe(200);
},
),
audit(
@@ -571,11 +523,8 @@ export function serverAudits(opts: ServerAuditOptions): Audit[] {
variables: { name: 'sometype' },
}),
});
- assert('Status code', res.status).toBe(200);
- assert(
- 'Execution result',
- await assertBodyAsExecutionResult(res),
- ).notToHaveProperty('errors');
+ ressert(res).status.toBe(200);
+ await ressert(res).bodyAsExecutionResult.notToHaveProperty('errors');
},
),
audit(
@@ -593,7 +542,7 @@ export function serverAudits(opts: ServerAuditOptions): Audit[] {
accept: 'application/graphql-response+json',
},
});
- assert('Status code', res.status).toBe(200);
+ ressert(res).status.toBe(200);
},
),
audit(
@@ -611,11 +560,8 @@ export function serverAudits(opts: ServerAuditOptions): Audit[] {
accept: 'application/json',
},
});
- assert('Status code', res.status).toBe(200);
- assert(
- 'Execution result',
- await assertBodyAsExecutionResult(res),
- ).notToHaveProperty('errors');
+ ressert(res).status.toBe(200);
+ await ressert(res).bodyAsExecutionResult.notToHaveProperty('errors');
},
),
...['string', 0, false, ['array']].map((invalid) =>
@@ -636,7 +582,7 @@ export function serverAudits(opts: ServerAuditOptions): Audit[] {
extensions: invalid,
}),
});
- assert('Status code', res.status).toBe(400);
+ ressert(res).status.toBe(400);
},
),
),
@@ -657,11 +603,8 @@ export function serverAudits(opts: ServerAuditOptions): Audit[] {
extensions: invalid,
}),
});
- assert('Status code', res.status).toBe(200);
- assert(
- 'Execution result',
- await assertBodyAsExecutionResult(res),
- ).toHaveProperty('errors');
+ ressert(res).status.toBe(200);
+ await ressert(res).bodyAsExecutionResult.toHaveProperty('errors');
},
),
),
@@ -680,7 +623,7 @@ export function serverAudits(opts: ServerAuditOptions): Audit[] {
extensions: { some: 'value' },
}),
});
- assert('Status code', res.status).toBe(200);
+ ressert(res).status.toBe(200);
},
),
audit(
@@ -697,11 +640,8 @@ export function serverAudits(opts: ServerAuditOptions): Audit[] {
extensions: { some: 'value' },
}),
});
- assert('Status code', res.status).toBe(200);
- assert(
- 'Execution result',
- await assertBodyAsExecutionResult(res),
- ).notToHaveProperty('errors');
+ ressert(res).status.toBe(200);
+ await ressert(res).bodyAsExecutionResult.notToHaveProperty('errors');
},
),
// TODO: audit('MUST accept a map for the {extensions} parameter'),
@@ -717,7 +657,7 @@ export function serverAudits(opts: ServerAuditOptions): Audit[] {
},
body: '{ "not a JSON',
});
- assert('Status code', res.status).toBe(200);
+ ressert(res).status.toBe(200);
},
),
audit(
@@ -733,7 +673,7 @@ export function serverAudits(opts: ServerAuditOptions): Audit[] {
qeury: /* typo */ '{ __typename }',
}),
});
- assert('Status code', res.status).toBe(200);
+ ressert(res).status.toBe(200);
},
),
audit(
@@ -747,7 +687,7 @@ export function serverAudits(opts: ServerAuditOptions): Audit[] {
},
body: JSON.stringify({ query: '{' }),
});
- assert('Status code', res.status).toBe(200);
+ ressert(res).status.toBe(200);
},
),
audit(
@@ -763,7 +703,7 @@ export function serverAudits(opts: ServerAuditOptions): Audit[] {
query: '{ 8f31403dfe404bccbb0e835f2629c6a7 }', // making sure the field doesnt exist
}),
});
- assert('Status code', res.status).toBe(200);
+ ressert(res).status.toBe(200);
},
),
// Response application/graphql-response+json
@@ -779,7 +719,7 @@ export function serverAudits(opts: ServerAuditOptions): Audit[] {
},
body: '{ "not a JSON',
});
- assert('Status code', res.status).toBeBetween(400, 499);
+ ressert(res).status.toBeBetween(400, 499);
},
),
audit(
@@ -793,7 +733,7 @@ export function serverAudits(opts: ServerAuditOptions): Audit[] {
},
body: '{ "not a JSON',
});
- assert('Status code', res.status).toBe(400);
+ ressert(res).status.toBe(400);
},
),
audit(
@@ -807,10 +747,7 @@ export function serverAudits(opts: ServerAuditOptions): Audit[] {
},
body: '{ "not a JSON',
});
- assert(
- 'Data entry',
- (await assertBodyAsExecutionResult(res)).data,
- ).toBe(undefined);
+ await ressert(res).bodyAsExecutionResult.data.toBe(undefined);
},
),
audit(
@@ -827,7 +764,7 @@ export function serverAudits(opts: ServerAuditOptions): Audit[] {
qeury /* typo */: '{ __typename }',
}),
});
- assert('Status code', res.status).toBeBetween(400, 599);
+ ressert(res).status.toBeBetween(400, 599);
},
),
audit(
@@ -843,7 +780,7 @@ export function serverAudits(opts: ServerAuditOptions): Audit[] {
qeury: /* typo */ '{ __typename }',
}),
});
- assert('Status code', res.status).toBe(400);
+ ressert(res).status.toBe(400);
},
),
audit(
@@ -859,10 +796,7 @@ export function serverAudits(opts: ServerAuditOptions): Audit[] {
qeury: /* typo */ '{ __typename }',
}),
});
- assert(
- 'Data entry',
- (await assertBodyAsExecutionResult(res)).data,
- ).toBe(undefined);
+ await ressert(res).bodyAsExecutionResult.data.toBe(undefined);
},
),
audit(
@@ -879,7 +813,7 @@ export function serverAudits(opts: ServerAuditOptions): Audit[] {
query: '{',
}),
});
- assert('Status code', res.status).toBeBetween(400, 599);
+ ressert(res).status.toBeBetween(400, 599);
},
),
audit(
@@ -895,7 +829,7 @@ export function serverAudits(opts: ServerAuditOptions): Audit[] {
query: '{',
}),
});
- assert('Status code', res.status).toBe(400);
+ ressert(res).status.toBe(400);
},
),
audit(
@@ -911,10 +845,7 @@ export function serverAudits(opts: ServerAuditOptions): Audit[] {
query: '{',
}),
});
- assert(
- 'Data entry',
- (await assertBodyAsExecutionResult(res)).data,
- ).toBe(undefined);
+ await ressert(res).bodyAsExecutionResult.data.toBe(undefined);
},
),
audit(
@@ -931,7 +862,7 @@ export function serverAudits(opts: ServerAuditOptions): Audit[] {
query: '{ 8f31403dfe404bccbb0e835f2629c6a7 }', // making sure the field doesnt exist
}),
});
- assert('Status code', res.status).toBeBetween(400, 599);
+ ressert(res).status.toBeBetween(400, 599);
},
),
audit(
@@ -947,7 +878,7 @@ export function serverAudits(opts: ServerAuditOptions): Audit[] {
query: '{ 8f31403dfe404bccbb0e835f2629c6a7 }', // making sure the field doesnt exist
}),
});
- assert('Status code', res.status).toBe(400);
+ ressert(res).status.toBe(400);
},
),
audit(
@@ -963,10 +894,7 @@ export function serverAudits(opts: ServerAuditOptions): Audit[] {
query: '{ 8f31403dfe404bccbb0e835f2629c6a7 }', // making sure the field doesnt exist
}),
});
- assert(
- 'Data entry',
- (await assertBodyAsExecutionResult(res)).data,
- ).toBe(undefined);
+ await ressert(res).bodyAsExecutionResult.data.toBe(undefined);
},
),
// TODO: how to fail and have the data entry?
diff --git a/src/audits/utils.ts b/src/audits/utils.ts
index f9a142be..7d0d36a8 100644
--- a/src/audits/utils.ts
+++ b/src/audits/utils.ts
@@ -24,10 +24,10 @@ export function audit(name: AuditName, fn: () => Promise): Audit {
name,
status: 'ok',
};
- } catch (errOrReason) {
- if (typeof errOrReason !== 'string') {
- // anything thrown that is not an assertion string is considered fatal
- throw errOrReason;
+ } catch (err) {
+ if (!(err instanceof AuditError)) {
+ // anything thrown that is not an assertion error is considered fatal
+ throw err;
}
return {
name,
@@ -36,7 +36,8 @@ export function audit(name: AuditName, fn: () => Promise): Audit {
'error'
: // everything else is optional and considered a warning
'warn',
- reason: errOrReason,
+ reason: err.reason,
+ response: err.response,
};
}
},
@@ -44,86 +45,116 @@ export function audit(name: AuditName, fn: () => Promise): Audit {
}
/**
- * Will throw a string if the assertion fails.
- *
- * All fatal problems will throw an instance of Error.
+ * Error thrown when an assertion test fails.
*
* @private
*/
-export function assert(name: string, actual: T) {
- return {
- toBe: (expected: T) => {
- if (actual !== expected) {
- throw `${name} ${actual} is not ${expected}`;
- }
- },
- toBeBetween: (
- min: T extends number ? T : never,
- max: T extends number ? T : never,
- ) => {
- if (!(min <= actual && actual <= max)) {
- throw `${name} ${actual} is not between ${min} and ${max}`;
- }
- },
- toContain: (
- expected: T extends Array ? U : T extends string ? T : never,
- ) => {
- // @ts-expect-error types will match, otherwise never
- // eslint-disable-next-line @typescript-eslint/no-explicit-any
- if (!actual.includes(expected as any)) {
- throw `${name} ${JSON.stringify(
- actual,
- )} does not contain ${JSON.stringify(expected)}`;
- }
- },
- notToContain: (
- expected: T extends Array ? U : T extends string ? T : never,
- ) => {
- // @ts-expect-error types will match, otherwise never
- // eslint-disable-next-line @typescript-eslint/no-explicit-any
- if (actual.includes(expected as any)) {
- throw `${name} ${JSON.stringify(actual)} contains ${JSON.stringify(
- expected,
- )}`;
- }
- },
- toHaveProperty: (
- // eslint-disable-next-line @typescript-eslint/no-explicit-any
- prop: T extends Record ? PropertyKey : never,
- ) => {
- // @ts-expect-error types will match, otherwise never
- if (!(prop in actual)) {
- throw `${name} ${JSON.stringify(
- actual,
- )} does not have a property '${String(prop)}'`;
- }
- },
- notToHaveProperty: (
- // eslint-disable-next-line @typescript-eslint/no-explicit-any
- prop: T extends Record ? PropertyKey : never,
- ) => {
- // @ts-expect-error types will match, otherwise never
- if (prop in actual) {
- throw `${name} ${JSON.stringify(actual)} does have a property '${String(
- prop,
- )}'`;
- }
- },
- };
+export class AuditError {
+ /**
+ * Response from the server.
+ */
+ public response: Response;
+ /**
+ * Reason for the failing audit.
+ */
+ public reason: string;
+ constructor(response: Response, reason: string) {
+ this.response = response;
+ this.reason = reason;
+ }
}
/**
- * Parses the string as JSON and safely reports parsing issues for audits.
+ * Will throw an AuditError if the assertion on Response fails.
+ *
+ * All fatal problems will throw an instance of an Error.
*
- * Assumes the parsed JSON will be an `ExecutionResult`.
+ * The name "ressert" is a wordplay combining "response" and "assert".
*
* @private
- * */
-export async function assertBodyAsExecutionResult(res: Response) {
- const str = await res.text();
- try {
- return JSON.parse(str) as ExecutionResult;
- } catch (err) {
- throw `Response body is not valid JSON. Got ${JSON.stringify(str)}`;
- }
+ */
+export function ressert(res: Response) {
+ return {
+ status: {
+ toBe(code: number) {
+ if (res.status !== code) {
+ throw new AuditError(res, `Response status code is not ${code}`);
+ }
+ },
+ toBeBetween: (min: number, max: number) => {
+ if (!(min <= res.status && res.status <= max)) {
+ throw new AuditError(
+ res,
+ `Response status is not between ${min} and ${max}`,
+ );
+ }
+ },
+ },
+ header(key: 'content-type') {
+ return {
+ toContain(part: string) {
+ if (!res.headers.get(key)?.includes(part)) {
+ throw new AuditError(
+ res,
+ `Response header ${key} does not contain ${part}`,
+ );
+ }
+ },
+ notToContain(part: string) {
+ if (res.headers.get(key)?.includes(part)) {
+ throw new AuditError(
+ res,
+ `Response header ${key} contains ${part}`,
+ );
+ }
+ },
+ };
+ },
+ bodyAsExecutionResult: {
+ data: {
+ async toBe(val: ExecutionResult['data']) {
+ let body: ExecutionResult;
+ try {
+ body = await res.json();
+ } catch (err) {
+ throw new AuditError(res, 'Response body is not valid JSON');
+ }
+ if (body.data !== val) {
+ throw new AuditError(
+ res,
+ `Response body execution result data is not "${val}"`,
+ );
+ }
+ },
+ },
+ async toHaveProperty(key: keyof ExecutionResult) {
+ let body: ExecutionResult;
+ try {
+ body = await res.json();
+ } catch (err) {
+ throw new AuditError(res, 'Response body is not valid JSON');
+ }
+ if (!(key in body)) {
+ throw new AuditError(
+ res,
+ `Response body execution result does not have a property "${key}"`,
+ );
+ }
+ },
+ async notToHaveProperty(key: keyof ExecutionResult) {
+ let body: ExecutionResult;
+ try {
+ body = await res.json();
+ } catch (err) {
+ throw new AuditError(res, 'Response body is not valid JSON');
+ }
+ if (key in body) {
+ throw new AuditError(
+ res,
+ `Response body execution result has a property "${key}"`,
+ );
+ }
+ },
+ },
+ };
}