Just chiming in to say that you certainly could use the “middleware” approach to handle a scenario where a client tries to send a request w/ like, a 10GB request body. The general approach here would be:
- Define a streaming middleware (which has the form
f(::HTTP.Stream) -> Nothing, instead of the higher-level request middleware which has the formf(::Request) -> Response)) - In the streaming middleware, you would call
startread(::Stream), which returns once the headers have been received on the request - Then check the
Content-Lengthheader to see if the request body is going to be over some max limit you’ve set for your server - If the request body is too large, you can reject and close the stream immediately (returning a 413 is traditional), to ensure the actual large body isn’t read into memory or allowed to affect the server.
I’ve wanted to include something like this in HTTP as a sort of “default middleware” people could use, but haven’t gotten around to it. If someone wants to pick it up and make a PR, I’d be happy to review/merge.