Limit the size of requests

[xvjau]

As a security measure, we need to limit the amount of bytes per request, so an attacker cannot, easily, perform a DoS attack by simply sending and excessive number of headers or multiple-gigabyte requests.

Ideally, a preset limit in the number of HTTP-Headers that the parser will receive before dropping the request can be implemented. The user could optionally pass a custom limit when instantiating the template.

[vinipsmaker]

I can provide a custom settings object which you can use with the numbers/limits you want.

It'd be a settings in the same sense as this one:

boost.http/example/spawn-settings.cpp

Line 232 in ea7aa01

http::basic_buffered_socket<asio::ip::tcp::socket, socket_settings> socket;

You just fill in the numbers you want to configure the limits.