express-rate-limit
Advanced tools
Comparing version 3.2.1 to 3.3.0
@@ -98,16 +98,30 @@ "use strict"; | ||
if (options.skipFailedRequests) { | ||
res.on("finish", function() { | ||
if (res.statusCode >= 400) { | ||
if (options.skipFailedRequests || options.skipSuccessfulRequests) { | ||
let decremented = false; | ||
const decrementKey = () => { | ||
if (!decremented) { | ||
options.store.decrement(key); | ||
decremented = true; | ||
} | ||
}); | ||
} | ||
}; | ||
if (options.skipSuccessfulRequests) { | ||
res.on("finish", function() { | ||
if (res.statusCode < 400) { | ||
options.store.decrement(key); | ||
} | ||
}); | ||
if (options.skipFailedRequests) { | ||
res.on("finish", function() { | ||
if (res.statusCode >= 400) { | ||
decrementKey(); | ||
} | ||
}); | ||
res.on("close", () => decrementKey()); | ||
res.on("error", () => decrementKey()); | ||
} | ||
if (options.skipSuccessfulRequests) { | ||
res.on("finish", function() { | ||
if (res.statusCode < 400) { | ||
options.store.decrement(key); | ||
} | ||
}); | ||
} | ||
} | ||
@@ -114,0 +128,0 @@ |
{ | ||
"name": "express-rate-limit", | ||
"version": "3.2.1", | ||
"version": "3.3.0", | ||
"description": "Basic IP rate-limiting middleware for Express. Use to limit repeated requests to public APIs and/or endpoints such as password reset.", | ||
@@ -5,0 +5,0 @@ "homepage": "https://github.com/nfriedly/express-rate-limit", |
@@ -20,2 +20,3 @@ # Express Rate Limit | ||
- [Memcached Store](https://npmjs.org/package/rate-limit-memcached) | ||
- [Mongo Store](https://www.npmjs.com/package/rate-limit-mongo) | ||
@@ -26,3 +27,3 @@ ### Alternate Rate-limiters | ||
- [strict-rate-limiter](https://www.npmjs.com/package/strict-rate-limiter) | ||
- [rate-limiter-flexible](https://www.npmjs.com/package/rate-limiter-flexible) | ||
- [express-brute](https://www.npmjs.com/package/express-brute) | ||
@@ -175,3 +176,8 @@ - [rate-limiter](https://www.npmjs.com/package/express-limiter) | ||
When set to `true`, failed requests (response status >= 400) won't be counted. | ||
When set to `true`, failed requests won't be counted. Request considered failed when: | ||
- response status >= 400 | ||
- requests that were cancelled before last chunk of data was sent (response `close` event triggered) | ||
- response `error` event was triggrered by response | ||
(Technically they are counted and then un-counted, so a large number of slow requests all at once could still trigger a rate-limit. This may be fixed in a future release.) | ||
@@ -178,0 +184,0 @@ |
License Policy Violation
LicenseThis package is not allowed per your license policy. Review the package's license to ensure compliance.
Found 1 instance in 1 package
License Policy Violation
LicenseThis package is not allowed per your license policy. Review the package's license to ensure compliance.
Found 1 instance in 1 package
15910
158
277