Comments (7)
nfriedly
commented on May 24, 2024
1
That's interesting, I didn't know about the change in convention.
(Sorry, I just realized that the rest of the reply didn't make any sense in the context of this module.)
from express-rate-limit.
tjallingt
commented on May 24, 2024
1
Hey @nfriedly thanks for the quick reply, don't worry i understand you are bussy 😄
I might drop a quick pr for a start on v3 but I will mostly focus on removing complexity that I don't think is necessairy (such as the delay stuff)
When that is out we can start looking ahead at how to re-implement lacking functionality in ways that make the most sense.
from express-rate-limit.
nickzuber
commented on May 24, 2024
For v3 should we consider deprecating headers named X-... and effectively remove the X from all the custom header names? It's the convention now:
SHOULD NOT prefix their parameter names with "X-" or similar constructs.
Not a major issue or anything but if you're gonna upgrade to a new major version this could be something easy to add.
from express-rate-limit.
tjallingt
commented on May 24, 2024
What is the status on this?
Especially the first point is of interest to me as i find it strange that the default behaviour of this middleware is to start delaying requests by one second after the first request, which I don't think is a common usecase for most users of a rate limit middleware 😕
from express-rate-limit.
nfriedly
commented on May 24, 2024
Hey,
Things are kind of in maintenance mode right now. I changed jobs so I can no longer work on this during working hours, and I don't have a lot of time available outside of work.
I know a lot of people use this, so I basically accept most PRs that don't break backwards compatibility. Even for a v3 release, where it's OK to remove or break some features, I'd still like to keep compatibility with the existing stores that people have written.
If you're interested and available, I'd love some support with creating a v3 that made a little more sense. It wouldn't have to hit all of the above points, anything would be progress.
I just reworded the ticket to make a little more sense (and I removed the idea of dropping support for external stores - that wouldn't be a good idea at this point.)
from express-rate-limit.
ashraful-islam
commented on May 24, 2024
- Make
onLimitReachedonly fire once before an IP resets
That is literally just one additional if , may be set it for first-timer-only or something like that.
@tjallingt if you started the v3 branch, I could help with one or two checkboxes :)
from express-rate-limit.
nfriedly
commented on May 24, 2024
It's done!
from express-rate-limit.
Related Issues (20)
- Leaky bucket strategy HOT 3
- Not callable expression in 6.7.1 HOT 14
- Multiple rate limits with different window sizes not working properly HOT 6
- ValidationError: The 'X-Forwarded-For' header is set but the Express HOT 2
- I found that this library occasionally works and occasionally doesn't work. HOT 3
- limit is not working , still need to set max HOT 5
- [Question] keyGenerator option HOT 4
- Get Remaining Rate-Limit HOT 3
- ERR_ERL_DOUBLE_COUNT with multiple rate limits HOT 2
- It blocks all IPs instead of blocking each IP HOT 7
- getKey is undefined in Redis Store HOT 9
- Passed options in RateLimitRequestHandler HOT 1
- Install a problem in express5 / express@next HOT 9
- Can't get the correct ip HOT 3
- Ratelimit headers empty while running on Bun v1.0.x HOT 1
- Don't know how to resetKey when user complete captcha HOT 6
- requestWasSuccessful usage doesn't support returning a Promise
- Can't use process.env variables HOT 3
- An option similar to `skip` but which is evaluated after the request has completed HOT 2
- Add Support for Persistent Storage (e.g., Redis) in express-rate-limit HOT 1
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from express-rate-limit.