You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Is your suggested enhancement related to a problem? Please describe.
Dear Dev Team,
I am the developer of a web-based update checker that heavily relies on the Modrinth API. Some users of my application attempt to update a large number of mods simultaneously (~150+), which frequently triggers rate limiting by the API.
The issue I'm facing is that when the rate limiting occurs, the required CORS headers are not included in the response (as outlined in #874), and the Access-Control-Expose-Headers header is also not set. This makes it difficult to track important information such as the remaining tokens and time until reset from the API's headers.
To mitigate this, I have implemented a client-side method to track these values manually. However, this approach has proven to be inconsistent, resulting in unreliable functionality.
Describe the solution you'd like
To make web-based API wrappers more feasible and improve consistency, could you please include the Access-Control-Expose-Headers header in the API responses? Specifically, exposing the rate-limiting-related headers (e.g., X-RateLimit-Limit, X-RateLimit-Remaining, X-RateLimit-Reset) would allow developers like me to reliably manage rate limits on the client side.
Describe alternatives you've considered
No response
Additional context
As seen on the picture, the rate-limiting-related headers are included in the response, but I can't read them in my application due to CORS (only access-control-allow-origin is set).
Thank you for considering this request.
Best Regards
Simon
The text was updated successfully, but these errors were encountered:
Is your suggested enhancement related to a problem? Please describe.
Dear Dev Team,
I am the developer of a web-based update checker that heavily relies on the Modrinth API. Some users of my application attempt to update a large number of mods simultaneously (~150+), which frequently triggers rate limiting by the API.
The issue I'm facing is that when the rate limiting occurs, the required CORS headers are not included in the response (as outlined in #874), and the Access-Control-Expose-Headers header is also not set. This makes it difficult to track important information such as the remaining tokens and time until reset from the API's headers.
To mitigate this, I have implemented a client-side method to track these values manually. However, this approach has proven to be inconsistent, resulting in unreliable functionality.
Describe the solution you'd like
To make web-based API wrappers more feasible and improve consistency, could you please include the Access-Control-Expose-Headers header in the API responses? Specifically, exposing the rate-limiting-related headers (e.g., X-RateLimit-Limit, X-RateLimit-Remaining, X-RateLimit-Reset) would allow developers like me to reliably manage rate limits on the client side.
Describe alternatives you've considered
No response
Additional context
As seen on the picture, the rate-limiting-related headers are included in the response, but I can't read them in my application due to CORS (only access-control-allow-origin is set).
Thank you for considering this request.
Best Regards
Simon
The text was updated successfully, but these errors were encountered: