Jul 24, 2017 · 1 min read
One could write an API that returns a set of JSON data. It doesn’t have to be one record response for every API request. Then the client just iterates through the response object.
I haven’t used GraphQL… but can GQL be susceptible to some form/kind of SQL injection attacks? The nice thing about REST is the database schema is completely shielded away from the user, (or any curious lookers).