-
Notifications
You must be signed in to change notification settings - Fork 65
New issue
Have a question about this project? # for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “#”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? # to your account
Rate limiter whitelist #517
Comments
Hey @zguig52 Thanks for this idea, sounds really reasonable. Would you be interested in contributing to the module with this feature? I can provide any help needed :) |
Hi @Baroshem , I would be very happy to contribute with this feature. I will try to get some time before the end of the month to work on it. I have first to read all the doc related to Nuxt plugin dev and setup the dev env with your plugin, I never worked on this. Thanks for this :) |
Awesome, please let me know if you have some questions. |
Hi @Baroshem, just did a first basic version of whitelist management, I was quite busy, sorry for so late reply. In order to support more advance configuration use cases, it would be nice to support IPs range and subnets. In current implementation (array of string), the challenge to keep same efficient and simple format is related to identifying first if the string is an IP, an IP range or an IP subnet. There is also the IPv4 vs IPv6 format to be detected. What would be nice, to keep same configuration format, would be to perform configuration checks and store structured data at server startup (for example detect automatically if the configuration element is an IPv4, IPv6, a range, a network, etc). If possible to do so, we would be able to efficiently make comparisons vs current IP address. I don't want to parse/classify configuration input each time a connection is performed as it would slow down the whole process too much. For ex, input config could be:
From this we could identify:
Then we verify if IPs, networks and ranges are valid IPv4 or IPv6 addresses and store valid configuration elements in a structured array like this (to be further defined based on library used requirements):
Based on this, at execution time, we then have to:
If this is not possible, then we could make a breaking format input VS basic implementation done (but not yet released so maybe not too late to change before) and directly ask to the user to classify them (but it is not so elegant and easy to use vs config systems I already saw + there is still the address format validity which has to be performed at startup to clear useless infos and warn user about config mistake):
|
@zguig52 I think we can easily parse at server startup |
@vejja , thanks for your response. I will have a look to this file to check what can be performed at startup! |
Is your feature request related to a problem? Please describe.
During load/performances tests, it would be nice to allow defining whitelisted IP (traffic injectors), so there is no need to disable this feature during the tests.
Also this could be interesting to be used when other internal trusted servers are calling the application for batch jobs.
Describe the solution you'd like
Add a new parameter, a list of IPs that will be whitelisted and not stored in the rate limiter DB, thus allowing no limits for specific hosts.
Describe alternatives you've considered
Disable the rate limiter during the tests
The text was updated successfully, but these errors were encountered: