How to limit incoming requests to an Action, for example I don’t want to users repeatedly post data to Action. Is there any way to applying time limit for Actions?
Share
Sign Up to our social questions and Answers Engine to ask questions, answer people’s questions, and connect with other people.
Login to our social questions & Answers Engine to ask questions answer people’s questions & connect with other people.
Lost your password? Please enter your email address. You will receive a link and will create a new password via email.
Please briefly explain why you feel this question should be reported.
Please briefly explain why you feel this answer should be reported.
Please briefly explain why you feel this user should be reported.
How to limit incoming requests to an Action, for example I don’t want to users repeatedly post data to Action. Is there any way to applying time limit for Actions?
You normally can’t limit incoming requests – they are coming from machines outside of your control. What you can do is either reject requests (i.e. with 503 responses) or if you in some way control clients you can limit number of requests legitimate clients make.
To be able to reasonably reject incoming requests you need to know some information about previous requests for each particular user (i.e. last request time / index stored in cookie, or some information stored in session state). With such information you should be able to write action filter that will check for condition and reject the request.
Note that non-legitimate users will be easily able to bypass all restrictions that do not rely on server side storage (like session state). If you can’t autorize users (i.e. by user name) restricting number of existing sessions may be problmatic too…