[RateLimiter] retry-after of SlidingWindowLimiter is incorrect #40289

Closed
@xesxen

Symfony version(s) affected: 5.2.x

Description

The SlidingWindowLimiter exposes a retry-after value intended for exposing to the user.

Instead of the time after which you can retry the current request (for when the request was rejected) the value represents when the current window will end. This is confusing as the limiter can potentially have a previous window set, in which case the retry-after is way sooner than expected.

How to reproduce

  • Given a previous "full" 60-second 60-token window
  • We're 12 seconds into the new window with already 12 tokens accounted for (that's 12 + 60*(0.8) = 60 tokens used)
  • Given a 1-token costing consumer
  • This would mean the X-RateLimit-Retry-After, as seen in the documentation linked above, would give a timestamp 48 seconds in the future, instead of the 1 second the limiter would need for the needed tokens to become available again
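
The arithmetic in the report, worked through as an added example (not code from the issue or from Symfony). It assumes the linear weighting of the previous window that the reporter's numbers imply and no further hits while waiting; all function names are hypothetical.

```php
<?php
declare(strict_types=1);

// Added illustration; function names are hypothetical, not Symfony's API.

/** Weighted usage: current hits plus the not-yet-expired share of the previous window. */
function estimatedUsage(int $prevHits, int $curHits, float $elapsed, float $interval): float
{
    return $curHits + $prevHits * (1 - $elapsed / $interval);
}

/** Seconds until the current window ends (the value the report says is exposed). */
function secondsToWindowEnd(float $elapsed, float $interval): float
{
    return $interval - $elapsed;
}

/** Seconds until $cost tokens fit under $limit, or null if they never can. */
function secondsUntilAvailable(int $prevHits, int $curHits, float $elapsed,
                               float $interval, int $limit, int $cost): ?float
{
    if ($cost > $limit) {
        return null; // a request larger than the limit can never be accepted
    }
    if (estimatedUsage($prevHits, $curHits, $elapsed, $interval) + $cost <= $limit) {
        return 0.0; // already fits
    }
    $room = $limit - $cost - $curHits;
    if ($room >= 0) {
        // Rejected with room >= 0 implies prevHits > 0. Solve
        // curHits + prevHits * (1 - t / interval) + cost <= limit for t.
        $t = $interval * (1 - $room / $prevHits);
        return max(0.0, $t - $elapsed);
    }
    // Current hits alone block the request: wait for the next window,
    // where they become the decaying "previous" window.
    $tNext = $interval * (1 - ($limit - $cost) / $curHits);
    return secondsToWindowEnd($elapsed, $interval) + $tNext;
}

// Numbers from the report: full previous window, 12 s and 12 tokens into the new one.
printf("usage now:            %.1f tokens\n", estimatedUsage(60, 12, 12, 60));
printf("window ends in:       %.1f s\n", secondsToWindowEnd(12, 60));
printf("1 token available in: %.1f s\n", secondsUntilAvailable(60, 12, 12, 60, 60, 1));
```

A client that honours the window-end value backs off far longer than the limiter requires, so the header should be derived from the second calculation when the previous window still carries weight.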
