Rate-limiting middleware requires AddRateLimiter
ASP.NET Core rate-limiting middleware has been updated with extra functionality. The middleware now requires services registered with AddRateLimiter.
Version introduced
ASP.NET Core 8.0 Preview 5
Previous behavior
Previously, rate limiting could be used without AddRateLimiter. For example, the middleware could be configured by calling Configure<RateLimiterOptions>(o => { }):
var builder = WebApplication.CreateBuilder(args);
builder.Services.Configure<RateLimiterOptions>(o => o
.AddFixedWindowLimiter(policyName: "fixed", options =>
{
// configuration
}));
var app = builder.Build();
app.UseRateLimiter();
app.MapGet("/", () => Results.Ok($"Hello world")).RequireRateLimiting("fixed");
app.Run();
New behavior
If AddRateLimiter is not called on app startup, ASP.NET Core throws an informative error:
Unable to find the required services. Please add all the required services by calling 'IServiceCollection.AddRateLimiter' in the application startup code.
Type of breaking change
This change is a behavioral change.
Reason for change
Rate-limiting middleware requires services that are only registered by calling AddRateLimiter.
Recommended action
Ensure that UseRateLimiter is called at application startup.
For example, update Configure<RateLimiterOptions>(o => { }) to use UseRateLimiter:
var builder = WebApplication.CreateBuilder(args);
builder.Services.AddRateLimiter(o => o
.AddFixedWindowLimiter(policyName: "fixed", options =>
{
// configuration
}));
var app = builder.Build();
app.UseRateLimiter();
app.MapGet("/", () => Results.Ok($"Hello world")).RequireRateLimiting("fixed");
app.Run();
Affected APIs
Feedback
Coming soon: Throughout 2024 we will be phasing out GitHub Issues as the feedback mechanism for content and replacing it with a new feedback system. For more information see: https://aka.ms/ContentUserFeedback.
Submit and view feedback for