You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
It would be nice to define global rate limits for non 2xx responses.
Since the limits are tied to the routes it is not possible to define limits for requests that have response other than 2xx. As an example when requests are done for paths that generates a 404 response its not possible to rate limit these requests. This can pose a security risk, where a caller can DDoS on Not Found paths or try to scan your API to find valid paths.
I attempted calling the the limit inside an after_request function to apply a deduct_when function, but noticed that the __check_request_limit is tied to the view routes, so its not possible to call the limiter outside of the decorator scope.
It would be nice to define global rate limits for non 2xx responses.
Since the limits are tied to the routes it is not possible to define limits for requests that have response other than 2xx. As an example when requests are done for paths that generates a 404 response its not possible to rate limit these requests. This can pose a security risk, where a caller can DDoS on Not Found paths or try to scan your API to find valid paths.
I attempted calling the the
limit
inside anafter_request
function to apply adeduct_when
function, but noticed that the__check_request_limit
is tied to the view routes, so its not possible to call the limiter outside of the decorator scope.My failed attempt to limit on 404:
The text was updated successfully, but these errors were encountered: