Apply suggestions from code review

Rick-Anderson · guardrex · web-flow · commit bd3406280b44 · 2025-03-08T12:27:29.000-10:00
Accept most of @guardrex awesome suggestions Co-authored-by: Luke Latham <1622880+guardrex@users.noreply.github.com>
diff --git a/aspnetcore/performance/rate-limit-samples.md b/aspnetcore/performance/rate-limit-samples.md
@@ -17,21 +17,23 @@ The following samples aren't production quality, they're examples on how to use
 
 The following sample:
 
-* Creates a [RateLimiterOptions.OnRejected](xref:Microsoft.AspNetCore.RateLimiting.RateLimiterOptions.OnRejected) callback that is called when a request exceeds the specified limit. `retryAfter` can be used with the [TokenBucketRateLimiter](/dotnet/api/system.threading.ratelimiting.tokenbucketratelimiter), [FixedWindowLimiter](/dotnet/api/microsoft.aspnetcore.ratelimiting.ratelimiteroptionsextensions.addfixedwindowlimiter), and [SlidingWindowLimiter](/dotnet/api/microsoft.aspnetcore.ratelimiting.ratelimiteroptionsextensions.addslidingwindowlimiter) because these algorithms are able to estimate when more permits will be added. The `ConcurrencyLimiter` has no way of calculating when permits will be available.
+* Creates a <xref:Microsoft.AspNetCore.RateLimiting.RateLimiterOptions.OnRejected%2A?displayProperty=nameWithType> callback that's called when a request exceeds the specified limit. `retryAfter` can be used with the <xref:System.Threading.RateLimiting.TokenBucketRateLimiter>, [Fixed Window Limiter](xref:Microsoft.AspNetCore.RateLimiting.RateLimiterOptionsExtensions.AddFixedWindowLimiter%2A), and [Sliding Window Limiter](xref:Microsoft.AspNetCore.RateLimiting.RateLimiterOptionsExtensions.AddSlidingWindowLimiter%2A) because these algorithms are able to estimate when more permits are added. The <xref:System.Threading.RateLimiting.ConcurrencyLimiter> has no way of calculating when permits are available.
 * Adds the following limiters:
 
-  * A `SampleRateLimiterPolicy` which implements the `IRateLimiterPolicy<TPartitionKey>` interface. The `SampleRateLimiterPolicy` class is shown later in this article.
+  * A `SampleRateLimiterPolicy` that implements the <xref:Microsoft.AspNetCore.RateLimiting.IRateLimiterPolicy%601> interface. The `SampleRateLimiterPolicy` class is shown later in this article.
   * A `SlidingWindowLimiter`:
     * With a partition for each authenticated user.
     * One shared partition for all anonymous users.
-  * A <xref:Microsoft.AspNetCore.RateLimiting.RateLimiterOptions.GlobalLimiter> that is applied to all requests. The global limiter will be executed first, followed by the endpoint-specific limiter, if one exists. The `GlobalLimiter` creates a partition for each <xref:System.Net.IPAddress>.
+  * A <xref:Microsoft.AspNetCore.RateLimiting.RateLimiterOptions.GlobalLimiter> that's applied to all requests. The global limiter is executed first, followed by the endpoint-specific limiter, if one exists. The `GlobalLimiter` creates a partition for each <xref:System.Net.IPAddress>.
 
 :::code language="csharp" source="~/../AspNetCore.Docs.Samples/fundamentals/middleware/rate-limit/WebRateLimitAuth/Program.cs" id="snippet_1":::
 
 > [!WARNING]
->Creating partitions on client IP addresses makes the app vulnerable to Denial of Service Attacks which employ IP Source Address Spoofing. For more information, see [BCP 38 RFC 2827 Network Ingress Filtering: Defeating Denial of Service Attacks which employ IP Source Address Spoofing](https://www.rfc-editor.org/info/bcp38).
+> Creating partitions on client IP addresses makes the app vulnerable to Denial of Service Attacks which employ IP Source Address Spoofing. For more information, see [BCP 38 RFC 2827 Network Ingress Filtering: Defeating Denial of Service Attacks which employ IP Source Address Spoofing](https://www.rfc-editor.org/info/bcp38).
 
-See [the samples repository for the complete `Program.cs`](https://github.com/dotnet/AspNetCore.Docs.Samples/blob/main/fundamentals/middleware/rate-limit/WebRateLimitAuth/Program.cs#L145,L281) file.
+For the complete `Program.cs` file, see [the samples repository](https://github.com/dotnet/AspNetCore.Docs.Samples/blob/main/fundamentals/middleware/rate-limit/WebRateLimitAuth/Program.cs).
+
+[!INCLUDE[](~/includes/aspnetcore-repo-ref-source-links.md)]
 
 The `SampleRateLimiterPolicy` class
 
diff --git a/aspnetcore/performance/rate-limit.md b/aspnetcore/performance/rate-limit.md
@@ -153,7 +153,7 @@ app.MapRazorComponents<App>()
     .RequireRateLimiting("MyPagePolicy");
 ```
 
-To set policy for individual Blazor Pages, the attribute must be applied to the Page and not the page handlers.
+To set a policy for a single Razor component, the [`[EnableRateLimiting]` attribute](xref:Microsoft.AspNetCore.RateLimiting.EnableRateLimitingAttribute) is applied to the component with an optional policy name:
 
 ``` blazor
 @page "/counter"
@@ -165,7 +165,7 @@ To set policy for individual Blazor Pages, the attribute must be applied to the
 
 The [`DisableRateLimiting`](/dotnet/api/microsoft.aspnetcore.ratelimiting.disableratelimitingattribute) attribute can be used to disable rate limiting on a Razor Page.
 
-Note: `EnableRateLimiting` is only applied to a Razor Page if `MapBlazorComponents().RequireRateLimiting(Policy)` has ***not*** been called.
+The [`[EnableRateLimiting]` attribute](xref:Microsoft.AspNetCore.RateLimiting.EnableRateLimitingAttribute) is only applied to a component if <xref:Microsoft.AspNetCore.Builder.RateLimiterEndpointConventionBuilderExtensions.RequireRateLimiting%2A> is ***not*** called on <xref:Microsoft.AspNetCore.Builder.RazorComponentsEndpointRouteBuilderExtensions.MapRazorComponents%2A>.
 
 ## Rate limiter algorithms
 
