HTTP RateLimit headers
2026-01-14 03:02https://dotat.at/@/2026-01-13-http-ratelimit.html
There is an IETF draft that aims to standardize RateLimit header
fields for HTTP. A RateLimit header in a successful response
can inform a client when it might expect to be throttled, so it can
avoid 429 Too Many Requests errors. Servers can also send
RateLimit headers in 429 errors to make the response more
informative.
The draft is in reasonably good shape. However as written it seems to require (or at least it assumes) that the server uses bad quota-reset rate limit algorithms. Quota-reset algorithms encourage clients into cyclic burst-pause behaviour; the draft has several paragraphs discussing this problem.
However, if we consider that RateLimit headers are supposed to tell
the client what acceptable behaviour looks like, they can be used with
any rate limit algorithm. (And it isn't too hard to rephrase the draft
so that it is written in terms of client behaviour instead of server
behaviour.)
When a client has more work to do than will fit in a single window's
quota, linear rate limit algorithms such as GCRA encourage the client
to smooth out its requests nicely. In this article I'll describe how a
server can use a linear rate limit algorithm with HTTP RateLimit
headers.
( Read more... )
![[personal profile]](https://www.dreamwidth.org/img/silk/identity/user.png){kind=small}