My module is overriding the rate limiting module status for POST requests.

Jeremy Cocks jeremy at jeremy.cx
Sun Dec 4 20:32:13 UTC 2022


At the moment, no authz is really happening. During this testing I was
statically setting the advice from the policy server to be 200.
Setting this in the access phase works fine for me with no random hitches,
so that's fixed. Thanks.

For future reference, is there anything to go by which dictates what phase
a module should be in and its impact?
Obviously, access is quite self-explanatory and not sure how i missed it ;')


On Sun, 4 Dec 2022 at 20:19, Maxim Dounin <mdounin at mdounin.ru> wrote:

> Hello!
>
> On Sun, Dec 04, 2022 at 08:00:04PM +0000, Jeremy Cocks via nginx wrote:
>
> > > Your observation is wrong.  Rate limiting as implemented in the
> > > limit_req module does not distinguish between different request
> > > methods and always works after reading the request header
> >
> > Sorry, I wasn't clear there. It kicks in for POST requests without my
> > module ;)
>
> So, it looks like your module breaks something.
>
> > > does not distinguish between different request methods and always works
> > after reading the request headers.
> >
> > I am assuming, given the request I am testing, is on a proxy_pass which
> is
> > a content handler,  that has something to do with why rate limiting is
> not
> > working on POST and not GET here?
> > If I remove the location block and just have my module and rate limiting
> > going without a proxy_pass, it seems to be working fine for all requests.
>
> It's hard to say anything beyond that your module breaks something
> without seeing your module's code and the configuration you are
> trying to use.
>
> A properly implemented auth module, as already suggested, should
> work in the access phase, and wouldn't interfere with any rate
> limits, since rate limiting happens before the auth module ever
> sees a request.
>
> --
> Maxim Dounin
> http://mdounin.ru/
> _______________________________________________
> nginx mailing list -- nginx at nginx.org
> To unsubscribe send an email to nginx-leave at nginx.org
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mailman.nginx.org/pipermail/nginx/attachments/20221204/306a7b62/attachment.htm>


More information about the nginx mailing list