From 8a0fd35880509a95896e5897395746fc71669b7b Mon Sep 17 00:00:00 2001 From: Zach Millman Date: Fri, 12 Jul 2013 14:45:59 -0700 Subject: [PATCH] Fix response status comment for README --- README.md | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) diff --git a/README.md b/README.md index cb65603..03c19cf 100644 --- a/README.md +++ b/README.md @@ -165,6 +165,8 @@ Customize the response of blacklisted and throttled requests using an object tha ```ruby Rack::Attack.blacklisted_response = lambda do |env| + # Using 503 because it may make attacker think that they have successfully + # DOSed the site, Rack::Attack returns 401 for blacklists by default [ 503, {}, ['Blocked']] end @@ -176,6 +178,8 @@ Customize the response of blacklisted and throttled requests using an object tha env['rack.attack.match_data'] ].inspect + # Using 503 because it may make attacker think that they have successfully + # DOSed the site, Rack::Attack returns 401 for blacklists by default [ 503, {}, [body]] end ``` @@ -186,8 +190,6 @@ For responses that did not exceed a throttle limit, Rack::Attack annotates the e request.env['rack.attack.throttle_data'][name] # => { :count => n, :period => p, :limit => l } ``` -Note that Rack::Attack uses 503 Service Unavailable by default instead of 429 Too Many Requests for throttling because it may make attacker think that they have successfully DOSed the site. - ## Logging & Instrumentation Rack::Attack uses the [ActiveSupport::Notifications](http://api.rubyonrails.org/classes/ActiveSupport/Notifications.html) API if available.
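Review bot: In the first hunk (`@@ -165,6 +165,8 @@`), the comment added inside `Rack::Attack.blacklisted_response` joins two separate statements with a comma, so it is hard to tell which status is the default and which is the example's choice. Split it into two sentences: one stating that Rack::Attack returns 401 for blacklists by default, and one giving the reason this example returns 503 instead.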
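Review bot: In the second hunk (`@@ -176,6 +178,8 @@`), the comment added above `[ 503, {}, [body]]` is a word-for-word copy of the one in `blacklisted_response` and names only the default for blacklists. The first line of this lambda is outside the hunk, but its body reads `env['rack.attack.match_data']` and the hunk context mentions "blacklisted and throttled requests". If this is the throttled handler, the comment should state the default status for throttled requests rather than the blacklist one.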
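Review bot: The third hunk (`@@ -186,8 +190,6 @@`) deletes the only visible sentence that names a default status for throttling, and neither added comment replaces it, since both speak of blacklists. If the removed note was wrong about 503 being the default, correct it in place with the actual throttle default rather than dropping it, so the README still documents the defaults in prose and not only inside example code comments.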