All Collections
Scanning API's
'500 Internal Error' when attempting to scan a GraphQL application via filePath
'500 Internal Error' when attempting to scan a GraphQL application via filePath
Anthony Stinn avatar
Written by Anthony Stinn
Updated over a week ago

Issue

When using the filePath configuration for a GraphQL application, the scanner outputs an Internal Error to the console:

Unexpected Error:Server error(https://api.stackhawk.com/api/v1/scan/<scan_id>/error: 500 . Text: "{"message":"Internal Error"}"

The corresponding ZAP log (located in ~/.hawk.logs on a local system using CLI or in the docker container run interactively and accessed via the inspect scan logs process) shows a parse error such as:

2022-01-26 19:12:47,225 [DefaultDispatcher-worker-1] WARN TalonGraphQLSchema - Unable to parse schema introspection.

Schema: {

"data": {

"__schema": {

"queryType": {

...

Cause

GraphQL schema file cannot be parsed due to a file formatting issue.

Solution

Format the schema file such that "__schema" is the first element.

For instance:

{"__schema": {"queryType": {"name": "Query"}, ... }


Whereas if the file is formatted like the results of an introspection query (starting with "data"), parsing will fail:

{"data": {"__schema": {"queryType": {"name": "Query"}, ... }

Additional Information

When configuring GraphQL applications, use either the schemaPath or filePath configurations, but not both.

See app.graphqlConf.filePath for more details.

Related Articles
Scanning GraphQL
Why do I see extra URL’s in the Paths tab under Scan Details?
How to configure the StackHawk GitHub Action to fail when encountering a scan error
'No default configuration file' error when running the HawkScan CLI
How to generate a GraphQL schema file for use by HawkScan
Did this answer your question?