Welcome! Log In Create A New Profile

Advanced

Support RetryAfter header for RateLimit responses

Posted by StefanLobbenmeier 
Support RetryAfter header for RateLimit responses
May 31, 2024 05:22AM
At my company we are current adding rate limiting to our nginx ingress configuration. I really like that it is just one annotation there to get started + one configMap entry to set the response code to 429.

After that I looked into how to handle this 429 code in our client. It is fairly easy to just handle it with a message like "You are clicking too fast", but I wanted a bit more advanced behaviour than this.


That is why I would like to see nginx response with a RetryAfter header. It should include the time in seconds until the client is no longer blocked. That means for rps rate limiting this is always 1s, for rpm rate limiting I would expect this to be slightly higher, probably up to 30 seconds.

The only thing I discovered so far is someone setting the RetryAfter header to always be 120s like this: https://serverfault.com/questions/979144/nginx-add-retry-after-header-to-only-429-responses/979156#979156, but there does not seem to be a way to set this to a calculated value by nginx.

Ideally there are also other headers to be supported, like RateLimit-Limit and RateLimit reamaining to help judge in the client when to use cache and when new information is worth spending the credits on: https://stackoverflow.com/a/16022625, but since those are not standardized yet I would consider those less important for now.

As a reference, this is how this is implemented in Traefik: https://github.com/traefik/traefik/blob/7fc56454ea9a2baa004db509a5a644bc199297c6/pkg/middlewares/ratelimiter/rate_limiter.go#L180



Edited 1 time(s). Last edit at 05/31/2024 05:30AM by StefanLobbenmeier.
Sorry, only registered users may post in this forum.

Click here to login

Online Users

Guests: 126
Record Number of Users: 8 on April 13, 2023
Record Number of Guests: 500 on July 15, 2024
Powered by nginx      Powered by FreeBSD      PHP Powered      Powered by MariaDB      ipv6 ready