Bypass rate limiter by header

sethvargo / go-limiter

A supersonic rate limiting package for Go with HTTP middleware.

Apache License 2.0

555 stars 40 forks source link

Bypass rate limiter by header #37

Closed acbeni closed 1 year ago

acbeni commented 1 year ago

Is it possible to bypass the rate limiter by some custom header? or maybe a custom bypasser function?

Sorry if the question was asked before, i just couldn't find much,

sethvargo commented 1 year ago

That seems like it could be easily abused. If you really wanted to do that, you could define a custom key func that, when the debug header is present, generates a random string for the key. That would effectively bypass the rate limit for requests with that header.

acbeni commented 1 year ago

Thank you @sethvargo. The solution you proposed would solve my issue. and thanks again for the nice framework and quick response ❤️

github-actions[bot] commented 1 year ago

This issue has been automatically locked since there has not been any recent activity after it was closed. Please open a new issue for related bugs.