New Case Study:See how Anthropic automated 95% of dependency reviews with Socket.Learn More →
express-slow-down
Advanced tools
express-slow-down - npm Package Compare versions
Comparing version 1.3.1 to 1.4.0
@@ -14,10 +14,11 @@ "use strict"; | ||
| skipSuccessfulRequests: false, // Do not count successful requests (status < 400) | ||
| headers: false, //Send custom delay limit header with limit and remaining | ||
| // allows to create custom keys (by default user IP is used) | ||
| keyGenerator: function(req /*, res*/) { | ||
| keyGenerator: function (req /*, res*/) { | ||
| return req.ip; | ||
| }, | ||
| skip: function(/*req, res*/) { | ||
| skip: function (/*req, res*/) { | ||
| return false; | ||
| }, | ||
| onLimitReached: function(/*req, res, optionsUsed*/) {} | ||
| onLimitReached: function (/*req, res, optionsUsed*/) {}, | ||
| }); | ||
@@ -45,3 +46,3 @@ | ||
| options.store.incr(key, function(err, current, resetTime) { | ||
| options.store.incr(key, function (err, current, resetTime) { | ||
| if (err) { | ||
@@ -68,5 +69,16 @@ return next(err); | ||
| resetTime: resetTime, | ||
| delay: delay | ||
| delay: delay, | ||
| }; | ||
| if (options.headers && !res.headersSent) { | ||
| res.setHeader("X-SlowDown-Limit", req.slowDown.limit); | ||
| res.setHeader("X-SlowDown-Remaining", req.slowDown.remaining); | ||
| if (resetTime instanceof Date) { | ||
| // if we have a resetTime, also provide the current date to help avoid issues with incorrect clocks | ||
| res.setHeader("Date", new Date().toGMTString()); | ||
| res.setHeader( | ||
| "X-SlowDown-Reset", | ||
| Math.ceil(resetTime.getTime() / 1000) | ||
| ); | ||
| } | ||
| } | ||
| if (current - 1 === delayAfter) { | ||
@@ -86,3 +98,3 @@ options.onLimitReached(req, res, options); | ||
| if (options.skipFailedRequests) { | ||
| res.on("finish", function() { | ||
| res.on("finish", function () { | ||
| if (res.statusCode >= 400) { | ||
@@ -103,3 +115,3 @@ decrementKey(); | ||
| if (options.skipSuccessfulRequests) { | ||
| res.on("finish", function() { | ||
| res.on("finish", function () { | ||
| if (res.statusCode < 400) { | ||
@@ -106,0 +118,0 @@ options.store.decrement(key); |
@@ -13,3 +13,3 @@ "use strict"; | ||
| this.incr = function(key, cb) { | ||
| this.incr = function (key, cb) { | ||
| if (hits[key]) { | ||
@@ -24,3 +24,3 @@ hits[key]++; | ||
| this.decrement = function(key) { | ||
| this.decrement = function (key) { | ||
| if (hits[key]) { | ||
@@ -32,3 +32,3 @@ hits[key]--; | ||
| // export an API to allow hits all IPs to be reset | ||
| this.resetAll = function() { | ||
| this.resetAll = function () { | ||
| hits = {}; | ||
@@ -39,3 +39,3 @@ resetTime = calculateNextResetTime(windowMs); | ||
| // export an API to allow hits from one IP to be reset | ||
| this.resetKey = function(key) { | ||
| this.resetKey = function (key) { | ||
| delete hits[key]; | ||
@@ -42,0 +42,0 @@ delete resetTime[key]; |
| { | ||
| "name": "express-slow-down", | ||
| "version": "1.3.1", | ||
| "version": "1.4.0", | ||
| "description": "Basic IP rate-limiting middleware for Express that slows down responses rather than blocking the user.", | ||
@@ -38,11 +38,11 @@ "homepage": "https://github.com/nfriedly/express-slow-down", | ||
| "devDependencies": { | ||
| "eslint": "^5.12.0", | ||
| "eslint-config-prettier": "^3.3.0", | ||
| "eslint-plugin-prettier": "^3.0.1", | ||
| "express": "^4.16.4", | ||
| "husky": "^1.3.1", | ||
| "mocha": "^5.2.0", | ||
| "prettier": "^1.15.3", | ||
| "pretty-quick": "^1.8.0", | ||
| "supertest": "^3.3.0" | ||
| "eslint": "^7.15.0", | ||
| "eslint-config-prettier": "^7.0.0", | ||
| "eslint-plugin-prettier": "^3.2.0", | ||
| "express": "^4.17.1", | ||
| "husky": "^4.3.5", | ||
| "mocha": "^8.2.1", | ||
| "prettier": "^2.2.1", | ||
| "pretty-quick": "^3.1.0", | ||
| "supertest": "^6.0.1" | ||
| }, | ||
@@ -49,0 +49,0 @@ "scripts": { |
@@ -105,3 +105,3 @@ # Express Slow Down | ||
| // 21st request - 20000ms delay | ||
| // 22st request - 20000ms delay | ||
| // 22nd request - 20000ms delay | ||
| // 23rd request - 20000ms delay | ||
@@ -140,2 +140,3 @@ // 24th request - 20000ms delay <-- will not increase past 20000ms | ||
| - Note: when using express-slow-down and express-rate-limit with an external store, you'll need to create two instances of the store and provide different prefixes so that they don't double-count requests. | ||
| - **headers**: Add `X-SlowDown-Limit`, `X-SlowDown-Remaining`, and if the store supports it, `X-SlowDown-Reset` headers to all responses. Modeled after the equivalent headers in express-rate-limit. Default: `false` | ||
@@ -142,0 +143,0 @@ ## License |
No alert changes
Improved metrics
- Total package byte prevSize
- increased by7.04%
12685
- Lines of code
- increased by9.42%
151
- Number of lines in readme file
- increased by0.7%
144
No dependency changes