Add informational headers for rate-limit #303
Comments
|
Is this relevant for paid API rate limiting? I would want this as an opt-in feature. I think many (default?) cases of rate limiting is due to abuse where you don't really want to reveal the settings to an attacker. |
Hmm, it's good to have but not a must to have. it was just my suggestion. you can make it optional like in the settings. we can put key expose DJANGO_RATELIMIT_EXPOSE_HEADERS = bool or list( of available headers to expose). so those who want to use this can use it. |
|
Hi @anupsingh3292, you closed the issue? I'm not the maintainer here, and I was only expressing a preference for what would be the default if the feature was implemented. I think you should reopen this issue, it's a well-written description of what you would like. Great idea with the setting 👍 |
|
I'll reopen it—I agree that it's a useful feature @anupsingh3292 and I also agree that the setting should be opt-in @benjaoming! |
|
Sorry for the late reply. btw thanks.. i'm hoping for changes that have been done. |
The suggestion I`ve got from GPT and it would be better to have extra informational headers.
X-RateLimit-Limit: This header indicates the maximum number of requests allowed within the given time window (e.g., per minute, per hour).
X-RateLimit-Remaining: This header shows how many requests the client has remaining within the current time window. It helps the client keep track of their usage.
X-RateLimit-Reset: This header specifies the timestamp (usually in Unix time) when the rate limit will reset, allowing the client to know when they can make more requests.
X-RateLimit-RETRY-AFTER Retry after a given amount of time. timestamp (usually in Unix time).
other changes will be appreciated. Thanks
The text was updated successfully, but these errors were encountered: