Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Question: mistake in documentation? #15

Closed
samdegroot1 opened this issue Jan 25, 2023 · 3 comments · May be fixed by #16
Closed

Question: mistake in documentation? #15

samdegroot1 opened this issue Jan 25, 2023 · 3 comments · May be fixed by #16

Comments

@samdegroot1
Copy link

This documentation page states there is a rate limit of 1000 requests per hour for opencve.io API. In fact when i check the response headers when making a request to the API, the X-RateLimit-Limit header says my limit is 250.

Is this a mistake in the documentation, and if not, could the documentation be more clear about which rate limit rule applies in which situation?

@ncrocfer
Copy link
Member

Indeed we have changed this value because of some abuse. Rhe new values are now 250/hour and 2/seconds, I will update the documentation.

@samdegroot1
Copy link
Author

Hi @ncrocfer thanks for your quick reply and the fix in the documentation! I have been testing with the API and the fixed limit of 250 requests per hour works fine. I had the rate limit on seconds configured as 2 requests per 2 seconds, so 1 request per second.
Somehow with that configuration i was hitting the rate limiter and got the 429 status code rate limit reached. The same with 2 requests per 3 seconds. Now i have 1 request per 3 seconds configured, and now my process finishes without hitting the rate limiter.

I am using the Symfony rate limiter; https://symfony.com/doc/current/rate_limiter.html
image

Do you have any idea why 1 request per second seems to be exceeding the rate limits?

Anyways, the 1 request per 3 seconds is fine for me. I was just wondering and wanted to give you a heads up ;)

@ncrocfer
Copy link
Member

I had the rate limit on seconds configured as 2 requests per 2 seconds, so 1 request per second.

No, 2 requests per 2 seconds can be: you reach the quota with 2 requests during the first second, no matter how many requests you will do in the 2nd second.

Anyway I will not continue this discussion as your question is not related to OpenCVE and you're talking here about a Symfony code. I advice you to ask the Symfony community.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

Successfully merging a pull request may close this issue.

2 participants