Comment 19 for bug 1098177

My favorite option now is to get the OSSG to issue a security note basically saying: "you should filter size as upstream as you can, there are smart LB/proxies, there is the sizelimit middleware in Grizzly (if you want it for Folsom you can find it here)."