membphis commented on PR #13443: URL: https://github.com/apache/apisix/pull/13443#issuecomment-4630080784
[P2] `sync_interval` validation should reject invalid window relationships, including equality and dynamic windows. The docs say delayed sync must use a `sync_interval` smaller than `time_window`, but the current check only rejects `sync_interval > time_window`. This allows `sync_interval == time_window`, which means local deltas can be delayed for the whole window and weakens the global Redis-backed limit. There is also a dynamic case: when `time_window` is configured as a string/template variable, schema-time validation skips the comparison entirely, so a request can resolve to a `time_window` that is less than or equal to `sync_interval` and still run delayed sync. Please reject `sync_interval >= time_window` for static numeric windows, and add request-time validation after resolving rule/count variables so dynamic `time_window` values also satisfy `sync_interval < time_window`. -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: [email protected] For queries about this service, please contact Infrastructure at: [email protected]
