Restrict static introspection to only __schema and __type (#1299)

* free inspection only for __schema and __type

* add this change to changelog

NEXT_CHANGELOG.md

@@ -255,6 +255,11 @@ By [@garypen](https://github.com/garypen) in https://github.com/apollographql/ro
 
 ## 🐛 Fixes
 
+### Restrict static introspection to only `__schema` and `__type` ([PR #1299](https://github.com/apollographql/router/pull/1299))
+Queries with selected field names starting with `__` are recognized as introspection queries. This includes `__schema`, `__type` and `__typename`. However, `__typename` is introspection at query time which is different from `__schema` and `__type` because two of the later can be answered with queries with empty input variables. This change will restrict introspection to only `__schema` and `__type`.
+
+By [@dingxiangfei2009](https://github.com/dingxiangfei2009) in https://github.com/apollographql/router/pull/1299
+
 ### Fix scaffold support ([PR #1293](https://github.com/apollographql/router/pull/1293))
 
 By [@garypen](https://github.com/garypen) in https://github.com/apollographql/router/pull/1293

apollo-router/src/spec/query.rs

@@ -728,7 +728,12 @@ impl Operation {
 
     fn is_introspection(&self) -> bool {
         self.selection_set.iter().all(|sel| match sel {
-            Selection::Field { name, .. } => name.as_str().starts_with("__"),
+            Selection::Field { name, .. } => {
+                let name = name.as_str();
+                // `__typename` can only be resolved in runtime,
+                // so this query cannot be seen as an introspection query
+                name == "__schema" || name == "__type"
+            }
             _ => false,
         })
     }