From f609b12c2f357efb590312124509a6f1d9357e70 Mon Sep 17 00:00:00 2001 From: Aleksey Shakhmatov Date: Sat, 23 May 2026 13:47:43 +0300 Subject: [PATCH] Update CLAUDE.md and README for revised behavior Document RateLimit's RemoteAddr-by-default keying and WithTrustedProxies, and that WithMaxResponseBody returns ErrResponseTooLarge rather than truncating. --- CLAUDE.md | 4 ++-- README.md | 5 ++++- 2 files changed, 6 insertions(+), 3 deletions(-) diff --git a/CLAUDE.md b/CLAUDE.md index 43d1370..81e9782 100644 --- a/CLAUDE.md +++ b/CLAUDE.md @@ -24,7 +24,7 @@ go vet ./... # static analysis - **Client.Close()** stops the health checker goroutine - **Client.Patch()** — PATCH method, same pattern as Put/Post - **NewFormRequest** — form-encoded request builder (`application/x-www-form-urlencoded`) with `GetBody` for retry -- **WithMaxResponseBody** — wraps `resp.Body` with `io.LimitedReader` to prevent OOM +- **WithMaxResponseBody** — caps `resp.Body` reads; returns `ErrResponseTooLarge` (not silent truncation) when exceeded - **middleware.RequestID()** — propagates request ID from context to outgoing `X-Request-Id` header - **`internal/requestid`** — shared context key used by both `server` and `middleware` packages to avoid circular imports 
@@ -37,7 +37,7 @@ go vet ./... # static analysis - **Defaults()** preset: RequestID → Recovery → Logging + production timeouts - **HealthHandler** exposes `GET /healthz` (liveness) and `GET /readyz` (readiness with pluggable checkers) - **CORS** middleware — preflight OPTIONS handling, `AllowOrigins`, `AllowMethods`, `AllowHeaders`, `ExposeHeaders`, `AllowCredentials`, `MaxAge` -- **RateLimit** middleware — per-key token bucket (`sync.Map`), IP from `X-Forwarded-For`, `WithRate`/`WithBurst`/`WithKeyFunc`, uses `internal/clock` +- **RateLimit** middleware — per-key token bucket (`sync.Map`), keys on `RemoteAddr` by default; `X-Forwarded-For` is honored only via `WithTrustedProxies`; `WithRate`/`WithBurst`/`WithKeyFunc`/`WithMaxKeys`, uses `internal/clock`, idle buckets evicted to bound memory - **MaxBodySize** middleware — wraps `r.Body` via `http.MaxBytesReader` - **Timeout** middleware — wraps `http.TimeoutHandler`, returns 503 - **WriteJSON** / **WriteError** — JSON response helpers in `server/respond.go` diff --git a/README.md b/README.md index fdfe400..99d7503 100644 --- a/README.md +++ b/README.md 
@@ -67,7 +67,7 @@ Server middleware is `func(http.Handler) http.Handler`. The `server` package pro | `server.Logging` | Structured request logging (method, path, status, duration, request ID). | | `server.HealthHandler` | Liveness (`/healthz`) and readiness (`/readyz`) endpoints with pluggable checkers. | | `server.CORS` | Cross-origin resource sharing with preflight handling and functional options. | -| `server.RateLimit` | Per-key token bucket rate limiting with IP extraction and `Retry-After`. | +| `server.RateLimit` | Per-key token bucket rate limiting (keys on `RemoteAddr`; `X-Forwarded-For` via `WithTrustedProxies`) with `Retry-After`. | | `server.MaxBodySize` | Limits request body size via `http.MaxBytesReader`. | | `server.Timeout` | Context-based request timeout, returns 503 on expiry. | | `server.WriteJSON` | JSON response helper, sets Content-Type and status. | @@ -195,6 +195,9 @@ client := httpx.New( ) ``` +Reading a body that exceeds the limit returns `httpx.ErrResponseTooLarge` +(checkable with `errors.Is`) rather than silently truncating. + ## Examples See the [`examples/`](examples/) directory for runnable programs:
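
Review bot: The `WithMaxResponseBody` bullet in CLAUDE.md (hunk `@@ -24,7 +24,7 @@`) drops the "to prevent OOM" rationale and names `ErrResponseTooLarge` without its package, while the README hunk in this same patch writes `httpx.ErrResponseTooLarge`. Keep the reason the cap exists and use the qualified name in both files, so that a search for the error finds both documents.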
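
Review bot: In the `RateLimit` bullet in CLAUDE.md (hunk `@@ -37,7 +37,7 @@`), "keys on `RemoteAddr` by default" does not say whether the port is stripped. `http.Request.RemoteAddr` is `host:port`, so a key built from the raw value would give every client connection its own bucket; state that the key is the host part only. The same bullet should also say which `X-Forwarded-For` entry is used when the peer matches `WithTrustedProxies` (the header can carry client-supplied entries, so only the value appended by the trusted hop is reliable) and what happens to a new key once `WithMaxKeys` is reached, since the bullet mentions only idle eviction.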
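
Review bot: The `server.RateLimit` row in the README.md table (hunk `@@ -67,7 +67,7 @@`) records a change of default key without an upgrade note. A service behind a reverse proxy or load balancer that upgrades without configuring `WithTrustedProxies` will see the proxy's address as `RemoteAddr` for every request, so all clients share one bucket. Add a sentence below the table that says so and describes what `WithTrustedProxies` takes. The row also omits `WithMaxKeys`, which the CLAUDE.md hunk in this patch lists.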
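
Review bot: The sentence added after the `httpx.New(` example in README.md (hunk `@@ -195,6 +195,9 @@`) does not say where the error surfaces: from reads on `resp.Body` (and therefore from `io.ReadAll`) or from the client call that returns the response. State which error return callers should test with `errors.Is`, and whether bytes delivered before the error are to be treated as incomplete and discarded.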