Cap applied to a server-supplied Retry-After header so that a misbehaving origin cannot pin the client in a multi-minute sleep. Matches THREAT_MODEL.md TB-6a (resource-exhaustion via cooperative back-off). MUST remain 30_000 โ asserted by unit test.
Cap applied to a server-supplied
Retry-Afterheader so that a misbehaving origin cannot pin the client in a multi-minute sleep. Matches THREAT_MODEL.md TB-6a (resource-exhaustion via cooperative back-off). MUST remain 30_000 โ asserted by unit test.