From e80210b9a4cc69ebcb529f89ca067427362122e5 Mon Sep 17 00:00:00 2001 From: Joas Schilling Date: Mon, 24 Apr 2023 10:08:47 +0200 Subject: [PATCH] fix(bruteforce): Fix 429 explanation Signed-off-by: Joas Schilling --- developer_manual/basics/controllers.rst | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/developer_manual/basics/controllers.rst b/developer_manual/basics/controllers.rst index e1f132cd7..3c1e28fdd 100644 --- a/developer_manual/basics/controllers.rst +++ b/developer_manual/basics/controllers.rst @@ -889,9 +889,9 @@ To enable brute force protection the following *Attribute* can be added to the c The attribute is only available in Nextcloud 27 or later. In older versions the ``@BruteForceProtection(action=string)`` annotation can be used, but that does not allow multiple assignments to a single controller method. -Then the **throttle()** method has to be called on the response in case of a violation. Doing so will increase the throttle counter and make following requests slower, until a slowness of roughly 30 seconds is reached and the controller returns a ``429 Too Many Requests`` status is returned instead of avoid further requests. +Then the **throttle()** method has to be called on the response in case of a violation. Doing so will increase the throttle counter and make following requests slower, until a slowness of roughly 30 seconds is reached and the controller returns a ``429 Too Many Requests`` status without further validating or executing the request. -A controller method that would employ brute-force protection with an action of "foobar" would look as following: +A controller method that would implement brute-force protection with an action of "foobar" would look as following: .. code-block:: php :emphasize-lines: 11,18