sjs/rack-attack
1
0
Fork 0
mirror of https://github.com/samsonjs/rack-attack.git synced 2026-03-25 09:25:49 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions

Prefer to not use X- style headers for clarity

Browse source 
The IETF decided the X- style custom headers have caused more headache than the value: https://tools.ietf.org/html/rfc6648 so this tool (which is very popular and much loved) shouldn't suggest using an old style.
This commit is contained in:
Kurtis Rainbolt-Greene 2018-08-16 08:11:30 -07:00 committed by GitHub
parent 516660b55c
commit 3e5a4607cd
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
1 changed files with 4 additions and 4 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

8
README.md
View file

@ -300,7 +300,7 @@ end
While Rack::Attack's primary focus is minimizing harm from abusive clients, it
can also be used to return rate limit data that's helpful for well-behaved clients.
Here's an example response that includes conventional `X-RateLimit-*` headers:
Here's an example response that includes conventional `RateLimit-*` headers:
```ruby
Rack::Attack.throttled_response = lambda do |env|
@ -308,9 +308,9 @@ Rack::Attack.throttled_response = lambda do |env|
now = match_data[:epoch_time]
headers = {
'X-RateLimit-Limit' => match_data[:limit].to_s,
'X-RateLimit-Remaining' => '0',
'X-RateLimit-Reset' => (now + (match_data[:period] - now % match_data[:period])).to_s
'RateLimit-Limit' => match_data[:limit].to_s,
'RateLimit-Remaining' => '0',
'RateLimit-Reset' => (now + (match_data[:period] - now % match_data[:period])).to_s
}
[ 429, headers, ["Throttled\n"]]