cloud_controller_ng icon indicating copy to clipboard operation
cloud_controller_ng copied to clipboard
verified publisher icon cloudfoundry

Retry-After header in 429 Too Many Request responses should be time until rate limit reset

Open andy-paine opened this issue 4 years ago • 0 comments

Issue

The Retry-After header should be time until reset rather than the current implementation of Unix time at which the rate limit reset

Context

The Mozilla docs cover this fairly well https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Retry-After. We currently just set the value to be the same as the X-RateLimit-Reset header value

Steps to Reproduce

  1. Query a CC API instance with a rate limit enabled
  2. Make enough requests to exhaust limit
  3. Look at headers on 429 response

Expected result

  1. X-RateLimit-Reset header contains timestamp at which limit resets
  2. Retry-After header contains number of seconds until limit resets

Current result

  1. X-RateLimit-Reset header contains timestamp at which limit resets
  2. Retry-After header contains timestamp at which limit resets

Possible Fix

Calculate the diff between the X-RateLimit-Reset and Time.now for the Retry-After header

andy-paine avatar Oct 21 '21 10:10 andy-paine