Basic rate-limiting middleware for the Express web server
You can view the changelog here.
You can view the changelog here.
You can view the changelog here.
You can view the changelog here.
You can view the changelog here.
You can view the full changelog here.
You can view the changelog here.
You can view the changelog here.
You can view the changelog here.
max
is set to 0:
max: 0
was treated as a 'disable' flag and would allow all requests through.req.rateLimit.current
to req.rateLimit.used
.
current
is now a hidden getter that will return the used
value, but it will not appear when iterating over the keys or calling JSON.stringify()
.express-rate-limit
now targets es2022
in TypeScript/ESBuild.dts-bundle-generator
from v7 to v8.draft_polli_ratelimit_headers
option (it was deprecated in v6).
standardHeaders: 'draft-6'
instead.onLimitReached
option (it was deprecated in v6).
handler
option.MemoryStore
now uses precise, per-user reset times rather than a global window that resets all users at once.limit
configuration option is now prefered to max
.
max
is still supported. The change was made to better align with terminology used in the IETF standard drafts.validate
config option can now be an object with keys to enable or disable specific validation checks. For more information, see this.