Lightrun Answers was designed to reduce the constant googling that comes with debugging 3rd party libraries. It collects links to all the places you might be looking at while hunting down a tough bug.
And, if you’re still stuck at the end, we’re happy to hop on a call to see how we can help out.
Rate Limiting configuration - policy validation
See original GitHub issueBackground and Motivation
The ASP.NET Core rate limiting middleware is great, but “limited” in terms of policy validation. Let’s start with some code that you can write today in .NET 7:
builder.Services.AddRateLimiter(options =>
{
options.AddFixedWindowLimiter("customPolicy", opt =>
{
opt.PermitLimit = 4;
opt.Window = TimeSpan.FromSeconds(12);
opt.QueueProcessingOrder = QueueProcessingOrder.OldestFirst;
opt.QueueLimit = 2;
});
// ...
});
There is no way to validate that customPolicy actually exists. This is useful when configuring multiple routes from configuration such as is the case for YARP. See https://github.com/microsoft/reverse-proxy/pull/1967
Proposed API
It would be preferred to something similar to IAuthorizationPolicyProvider implemented via DefaultAuthorizationPolicyProvider and ICorsPolicyProvider implemented via DefaultCorsPolicyProvider
namespace Microsoft.AspNetCore.RateLimiting;
- internal struct DefaultKeyType
+ public struct DefaultKeyType
{
// omitted ...
}
+
+ public interface IRateLimiterPolicyProvider
+ {
+ ValueTask<IRateLimiterPolicy<DefaultKeyType>?> GetDefaultPolicyAsync();
+ ValueTask<IRateLimiterPolicy<DefaultKeyType>?> GetPolicyAsync(string policyName);
+ }
+
+ public class DefaultRateLimiterPolicyProvider : IRateLimiterPolicyProvider
+ {
+ private readonly RateLimiterOptions _options;
+
+ public DefaultRateLimiterPolicyProvider(IOptions<RateLimiterOptions> options)
+ {
+
+ }
+
+ public ValueTask<IRateLimiterPolicy<DefaultKeyType>?> GetPolicyAsync(string policyName)
+ {
+ options.PolicyMap[policyName] ?? options.UnactivatedPolicyMap[policyName];
+ }
+ }
RateLimiterOptions.PolicyMap is internal hence this feature cannot be added in another library or the final application.
Usage Examples
Alternative Designs
None
Risks
None
Issue Analytics
- State:
- Created 9 months ago
- Comments:9 (7 by maintainers)
Top Results From Across the Web
Top Related Medium Post
Top Related StackOverflow Question
Troubleshoot Live Code
Top Related Reddit Thread
Top Related Hackernoon Post
Top Related Tweet
Top Related Dev.to Post
Top Related Hashnode Post
This proposal will be discussed by our team in an upcoming API review meeting, after which we’ll provide feedback/suggestions.
Once a proposal gets to the
api-approvedstate, we’ll be ready to take a PR to implement the change.@adityamandaleeka this is done