flightofthefox·4 years ago·discussSolution seems funky. Attackers could just omit the Content-Length header