stephan-v
commented
3 years ago You usually don't want to give away such information since you are using a rate limiter for a reason, which is usually to prevent spam/bots/overloading/unwanted malicious behaviour.
Also rate limiting is usually done for X amount of requests in a minute and not for one request every 24 hours. Locking someone out for 24 hours is a whole different concept than rate limiting.
Hello,
Currently the 429 error pages only has the message "Too Many Requests",
No indication of how much time user has to wait at all! and this is a bad UX IMHO. For example if user is limited for 24 hours, he/she have to keep trying that page to see if they have gained access again.
I published the error pages, and tried editing the 429.blade.php page to add the remaining time, but there is no clear way to access that data in a view...
Docs mention a Retry-After header, but this value doesn't seem to be available in
headers_list()in the 429.blade view, nor inresponse(),session()or any other methods I've tried in that view.I'm not sure how to access this specific value in an error page view, and the documentation isn't clear in that regard.
So my suggestion is, to please display the remaining limit time in the 429 error page by default, or provide us with simple variables in that page so we can display it ourself.
Thank you for the awesome framework.