dan: I think this is just an issue of backporting; I believe grizzly is sufficiently protected.
As for xml_body, I'm not suggesting that XML is somehow special here, just that it's the first place in the folsom pipeline that could be affected by an overly large request, and happens to (arguably) be a logical place to backport the functionality of RequestBodySizeLimiter without requiring pipeline changes.
dan: I think this is just an issue of backporting; I believe grizzly is sufficiently protected.
As for xml_body, I'm not suggesting that XML is somehow special here, just that it's the first place in the folsom pipeline that could be affected by an overly large request, and happens to (arguably) be a logical place to backport the functionality of RequestBodySize Limiter without requiring pipeline changes.