VYPR
Low severity · 3.1 · GHSA Advisory · Published May 19, 2026 · Updated May 19, 2026

Strawberry GraphQL: Default GraphiQL may expose HTTP headers in URLs

CVE-2026-45739

Description

Summary

Strawberry's bundled GraphiQL template wrote values from the GraphiQL headers editor into the browser URL query string. If a user entered a sensitive header, such as Authorization: Bearer , the value could become visible in browser history, copied links, and server/proxy/CDN access logs after a page reload or shared request.

Affected Versions

  • Affected: strawberry-graphql >= 0.288.4, <= 0.315.3
  • Patched: 0.315.4

The vulnerable behavior was introduced by the GraphiQL URL-sharing implementation in commit 9315ef80, first included in release 0.288.4.

Impact

Applications that expose Strawberry's default GraphiQL IDE may leak sensitive HTTP header values entered by users into the GraphiQL headers editor. The default IDE is enabled by graphql_ide="graphiql" across Strawberry HTTP integrations unless disabled or replaced by the application.

The exposure is limited to the browser-based IDE. GraphQL query execution is not affected, and this issue does not allow an attacker to directly execute operations or bypass authorization. Practical exploitation requires a user to enter a secret into the GraphiQL headers editor and then expose the resulting URL, for example by refreshing the page, copying the URL, sharing the URL, or causing the URL to be recorded by logging infrastructure.

Technical Details

The bundled strawberry/static/graphiql.html template parsed URL query parameters into a parameters object and used those values to initialize GraphiQL state. It also updated the URL on editor changes using history.replaceState.

Before the fix, header values were handled like shareable query text and variables:

const [headers, setHeaders] = React.useState(parameters.headers);

function onEditHeaders(newHeaders) {
  setHeaders(newHeaders);
  updateURL({ headers: newHeaders });
}

This meant arbitrary header text entered into the IDE could be serialized into ?headers=....

Fix

The GraphiQL template no longer calls updateURL from onEditHeaders. Query and variable URL sharing remain unchanged, and existing URLs with headers=... can still initialize the headers editor. Header persistence via GraphiQL's own shouldPersistHeaders: true behavior remains enabled, so newly edited headers can still persist locally without being placed in the URL.
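To make the before/after behaviour concrete, here is an added JavaScript model of the template's URL-sharing flow (this is not Strawberry's own graphiql.html; `makeIde`, `demo` and the in-memory stand-in for window.location / history.replaceState are assumptions): the same `onEditHeaders` handler with and without the `updateURL` call, plus initialisation from an existing `headers=` URL, which both versions still perform.

```javascript
// Added example, not the bundled graphiql.html: a Node-runnable model of the
// template's URL-sharing flow. `makeIde`, `demo` and the in-memory stand-in for
// window.location / history.replaceState are assumptions; the field names
// query/variables/headers and updateURL/onEditHeaders follow the advisory text.
function makeIde(initialUrl, { shareHeaders }) {
  let currentUrl = new URL(initialUrl);
  // Like the template's `parameters` object: every query parameter seeds state,
  // so an existing ?headers=... still initialises the headers editor after the fix.
  const parameters = Object.fromEntries(currentUrl.searchParams);
  const state = {
    query: parameters.query ?? "",
    variables: parameters.variables ?? "",
    headers: parameters.headers ?? "",
  };
  // Equivalent of the template's updateURL + history.replaceState: rewrite the
  // query string of the current URL in place.
  function updateURL(changes) {
    const params = new URLSearchParams(currentUrl.search);
    for (const [key, value] of Object.entries(changes)) params.set(key, value);
    currentUrl = new URL(`${currentUrl.origin}${currentUrl.pathname}?${params}`);
  }
  return {
    // Query sharing is unchanged in both versions.
    onEditQuery(newQuery) { state.query = newQuery; updateURL({ query: newQuery }); },
    onEditHeaders(newHeaders) {
      state.headers = newHeaders;
      // <= 0.315.3: headers were written to the URL like query text.
      // 0.315.4: updateURL is simply not called from this handler.
      if (shareHeaders) updateURL({ headers: newHeaders });
    },
    url: () => currentUrl.toString(),
    state: () => ({ ...state }),
  };
}
// Runs the same editing session against both behaviours and reports what the
// address bar (and hence history and access logs) would end up containing.
function demo() {
  const secret = '{"Authorization": "Bearer token123"}'; // constructed sample
  const out = {};
  for (const [label, shareHeaders] of [["vulnerable", true], ["fixed", false]]) {
    const ide = makeIde("https://api.example.test/graphql", { shareHeaders });
    ide.onEditQuery("{ me { id } }");
    ide.onEditHeaders(secret);
    out[label] = { url: ide.url(), leaked: ide.url().includes("token123") };
  }
  return out;
}
console.log(demo());
```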

Workarounds

Until a patched version can be used, applications can mitigate this issue by disabling the bundled IDE in production:

GraphQLRouter(schema, graphql_ide=None)

Equivalent graphql_ide=None configuration is available in Strawberry's other HTTP integrations.

Applications can also provide a custom GraphiQL template that does not serialize header values into the URL.
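Disabling or replacing the IDE stops new exposure but does nothing about URLs that were already recorded by the logging infrastructure mentioned under Impact. As an added example (not from the advisory or from Strawberry), the following scans constructed access-log lines for GraphiQL requests whose query string carries a headers= parameter and reports which header names were exposed, without echoing the values, so the affected credentials can be rotated. The /graphql path, the log format, the sample lines and the `findLeakedHeaders` name are assumptions.

```javascript
// Added example, not part of the advisory or of Strawberry: find requests to the
// GraphiQL endpoint whose URL carried a `headers=` parameter. Constructed sample
// lines in common log format; /graphql is an assumed endpoint path.
const SAMPLE_LOG = [
  '10.0.0.5 - - [19/May/2026:10:01:02 +0000] "GET /graphql?query=%7B%20me%20%7D HTTP/1.1" 200 512',
  '10.0.0.5 - - [19/May/2026:10:01:40 +0000] "GET /graphql?query=%7B%20me%20%7D&headers=%7B%22Authorization%22%3A%22Bearer%20eyJabc.def.ghi%22%7D HTTP/1.1" 200 512',
  '10.0.0.9 - - [19/May/2026:10:02:11 +0000] "POST /graphql HTTP/1.1" 200 88',
  '10.0.0.7 - - [19/May/2026:10:03:00 +0000] "GET /graphql?headers=%7B%22X-Trace%22%3A%22abc%22%7D HTTP/1.1" 200 512',
];

// Header names whose presence means a credential was written into the URL.
const SENSITIVE_HEADERS = ["authorization", "cookie", "x-api-key"];

// Returns one finding per request that carried a headers= parameter. Only the
// header *names* are reported; the values are never copied into the output so
// the scan itself does not re-expose the secret.
function findLeakedHeaders(lines, endpointPath = "/graphql") {
  const findings = [];
  for (const line of lines) {
    const m = line.match(/"(?:GET|POST|HEAD) (\S+) HTTP\/[\d.]+"/);
    if (!m) continue;
    // Base is only needed to parse a path-relative request target.
    const url = new URL(m[1], "http://placeholder.invalid");
    if (url.pathname !== endpointPath) continue;
    const raw = url.searchParams.get("headers"); // already percent-decoded
    if (raw === null) continue;
    let names;
    try { names = Object.keys(JSON.parse(raw)); } catch { names = ["<unparseable>"]; }
    const sensitive = names.some((n) => SENSITIVE_HEADERS.includes(n.toLowerCase()));
    findings.push({ client: line.split(" ")[0], headerNames: names, sensitive });
  }
  return findings;
}

console.log(findLeakedHeaders(SAMPLE_LOG));
```

A hit with sensitive: true is the signal to rotate that client's credential and purge the matching lines from log retention.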

Credits

Reported by @lpschroer.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Strawberry GraphQL <=0.315.3 writes user-supplied HTTP headers from the GraphiQL IDE into the URL query string, potentially leaking sensitive tokens via browser history, shared links, and access logs.

Vulnerability

Strawberry's bundled GraphiQL IDE (enabled by default in HTTP integrations via graphql_ide="graphiql") serializes header values typed into the GraphiQL headers editor into the URL query string parameter ?headers=. Affected versions are strawberry-graphql >=0.288.4 up to and including 0.315.3 [1][2][4]. The vulnerability was introduced by commit 9315ef80 in version 0.288.4 [1][2]. The template strawberry/static/graphiql.html initializes the headers state from the URL and calls updateURL on every change, embedding the raw header value (e.g., Authorization: Bearer ) into the browser URL [1][4].

Exploitation

An attacker cannot directly trigger this behavior. Exploitation requires a legitimate user to enter a sensitive header value (such as an API token or JWT) into the GraphiQL headers editor and then perform any action that exposes the URL: refreshing the page, copying the URL, sharing the URL, or causing the URL to be recorded by logging infrastructure (browser history, server/proxy/CDN access logs) [1][2]. No network position, authentication bypass, or user interaction beyond normal IDE usage is needed from the attacker, but the victim must have already entered the secret into the headers editor.

Impact

Successful exploitation results in the disclosure of sensitive HTTP header values, most critically Authorization: Bearer , to any party who can access the URL after it has been persisted. The secret becomes visible in the browser's URL bar, browser history, any copied or shared link, and server/proxy/CDN access logs after a page reload [1][2][4]. GraphQL query execution is not directly affected, and the issue does not enable an attacker to execute operations or bypass authorization [1][2]. The impact is limited to information disclosure of user-entered credential material.

Mitigation

The vulnerability is fixed in version 0.315.4, released on May 19, 2026 [1][2][4]. The fix removes the updateURL call from the onEditHeaders handler while preserving URL sharing for queries and variables [1]. Users unable to immediately upgrade can disable the bundled GraphiQL IDE entirely by setting graphql_ide=None on the GraphQLRouter or integration configuration [4]. There is no known KEV listing for this CVE.

AI Insight generated on May 21, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.


Patches
9818abce8195

Don't update headers in GraphiQL (#4409)

https://github.com/strawberry-graphql/strawberry · Patrick Arminio · May 12, 2026 · Fixed in 0.315.4 · via llm-release-walk
4 files changed · +48 −8
  • docs/extensions/disable-introspection.md · +6 −7 · modified
    @@ -15,11 +15,10 @@ features of the API through GraphQL introspection.
     <Warning>
     
     `DisableIntrospection` does not block non-introspection fields that may expose
    -schema information. For example, Apollo Federation schemas expose `_service`
    -and its `sdl` field so gateways and routers can compose federated services. If
    -you use `strawberry.federation.Schema`, protect federated endpoints from
    -untrusted clients with your own authentication, authorization, or network
    -controls.
    +schema information. For example, Apollo Federation schemas expose `_service` and
    +its `sdl` field so gateways and routers can compose federated services. If you
    +use `strawberry.federation.Schema`, protect federated endpoints from untrusted
    +clients with your own authentication, authorization, or network controls.
     
     </Warning>
     
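Review bot: this hunk and the second one in the same file only re-wrap existing paragraphs of docs/extensions/disable-introspection.md and have nothing to do with the header-leak fix; bundling a whitespace-only docs reflow into a security patch makes the fix noisier to review and harder to backport cleanly. Suggest moving both reflow hunks to a separate docs-only commit so the security change consists of the template, test and release note alone.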
    @@ -51,8 +50,8 @@ _No arguments_
     
     ## Example query:
     
    -Running any query including the introspection field `__schema` will result in
    -an error. Consider the following query, for example:
    +Running any query including the introspection field `__schema` will result in an
    +error. Consider the following query, for example:
     
     ```graphql
     query {
    
  • e2e/src/tests/graphiql.spec.ts · +31 −0 · modified
    @@ -133,4 +133,35 @@ test.describe("GraphiQL URL Sharing Tests", () => {
     		await expect(headersEditor).toContainText("Authorization");
     		await expect(headersEditor).toContainText("Bearer token123");
     	});
    +
    +	test("does not update URL when headers are edited", async ({
    +		page,
    +	}: { page: Page }) => {
    +		await page.goto(GRAPHIQL_URL);
    +		await waitForGraphiQL(page);
    +
    +		const headersTab = page.locator('button:has-text("Headers")');
    +		await headersTab.click();
    +
    +		const headersEditor = page.locator(
    +			".graphiql-editor-tool .graphiql-editor:not(.hidden) .CodeMirror",
    +		);
    +		await headersEditor.click();
    +		await page.keyboard.type('{"Authorization": "Bearer token123"}', {
    +			delay: 50,
    +		});
    +
    +		await expect(page.locator(".graphiql-editor-tool")).toContainText(
    +			"Authorization",
    +		);
    +
    +		await expect
    +			.poll(() => new URL(page.url()).searchParams.get("headers"))
    +			.toBeNull();
    +
    +		const url = page.url();
    +		expect(url).not.toContain("headers=");
    +		expect(url).not.toContain("Authorization");
    +		expect(url).not.toContain("token123");
    +	});
     });
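Review bot: the new test proves the URL stays clean but never checks that the typed headers remain usable, so it would also pass if header editing were broken entirely; since RELEASE.md in this same change states that newly edited headers still persist locally, add a `page.reload()` followed by `await expect(headersEditor).toContainText("Authorization");` after the URL assertions so the removal of `updateURL` cannot silently regress GraphiQL's own header persistence. The `.poll(...).toBeNull()` check already implies `not.toContain("headers=")`; keeping the three string assertions as defence in depth is fine, but they could be collapsed into one assertion on `new URL(url).search` being empty of header material.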
    
  • RELEASE.md · +11 −0 · added
    @@ -0,0 +1,11 @@
    +---
    +release type: patch
    +---
    +
    +This release fixes an issue in the bundled GraphiQL template where editing HTTP
    +headers, including `Authorization` headers, wrote those values into the browser
    +URL.
    +
    +GraphiQL still supports loading headers from existing `headers` URL parameters,
    +but newly edited headers are no longer added to the URL. Query and variables URL
    +sharing is unchanged.
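Review bot: the note describes what changed but not what operators should do about URLs generated before the upgrade: because existing `headers` URL parameters are still honoured on load, links that were copied, shared or logged on affected versions keep working and keep carrying the secret. Add a sentence recommending that any credential entered into the headers editor on an affected version be rotated, and that such URLs be purged from access logs and browser history, so the release note doubles as the remediation guidance users will search for.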
    
  • strawberry/static/graphiql.html · +0 −1 · modified
    @@ -191,7 +191,6 @@
     
             function onEditHeaders(newHeaders) {
               setHeaders(newHeaders);
    -          updateURL({ headers: newHeaders });
             }
     
             const explorerPlugin = GraphiQLPluginExplorer.explorerPlugin();
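Review bot: deleting the call fixes the write path, but `onEditHeaders` now reads like an accidental omission beside the query and variables handlers that still call `updateURL`; add a one-line comment in the handler stating that headers are intentionally never serialised into the URL (citing this advisory) so a future refactor does not restore the line. Since the template still seeds the headers editor from an existing `headers` parameter, also consider removing that parameter from the address bar with `history.replaceState` once it has been consumed on load, so that simply reloading an old shared link does not write the value into history and access logs again.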
    

