
In a web application, I would like to return a status code to indicate if the sent body is too large. Specifically I want to do this in the code that protects against gzip bombs.

With gzip bombs it's common to abort extraction of the incoming gzip stream if the extracted content exceeds a given size.

So I'm wondering if I can return HTTP status code 413 (Payload Too Large) in that case or if that is reserved for the actual byte length of the HTTP body in its compressed state?

From RFC 7231, Section 6.5.11:

The 413 (Payload Too Large) status code indicates that the server is refusing to process a request because the request payload is larger than the server is willing or able to process. The server MAY close the connection to prevent the client from continuing the request.

Thomas Watson
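The size-capped extraction described in the question, as an added example that is not part of the original post: the gzip stream is inflated in bounded steps and abandoned as soon as the output passes the cap. The function names, the 1 MiB cap and the `handle_request` shape are assumptions, and answering 413 for the extracted size is a choice made here for illustration, which is the point the question leaves open.

```python
import zlib

MAX_DECOMPRESSED = 1024 * 1024  # assumed cap on the extracted size (1 MiB)
CHUNK = 16 * 1024               # compressed bytes fed to the decoder per step


class PayloadTooLarge(Exception):
    """Extracted body exceeded the cap; the handler maps this to a status."""


def bounded_gunzip(compressed, limit=MAX_DECOMPRESSED):
    """Inflate a gzip body, aborting once more than `limit` bytes come out."""
    decoder = zlib.decompressobj(wbits=16 + zlib.MAX_WBITS)  # 16+ = gzip framing
    out = bytearray()
    for start in range(0, len(compressed), CHUNK):
        data = compressed[start:start + CHUNK]
        while data and not decoder.eof:
            # max_length bounds each call's output, so a bomb never occupies
            # more than limit + 1 bytes of memory before it is rejected.
            out += decoder.decompress(data, limit + 1 - len(out))
            if len(out) > limit:
                raise PayloadTooLarge()
            data = decoder.unconsumed_tail
    if not decoder.eof:
        raise ValueError("truncated gzip stream")
    return bytes(out)


def handle_request(headers, body):
    """Return (status, decoded_body) for a constructed request."""
    if headers.get("Content-Encoding", "").lower() != "gzip":
        return (413, b"") if len(body) > MAX_DECOMPRESSED else (200, body)
    try:
        return 200, bounded_gunzip(body)
    except PayloadTooLarge:
        # Assumption: the application answers 413 for the extracted size.
        return 413, b""
    except (zlib.error, ValueError):
        return 400, b""  # malformed or truncated gzip data
```

The check compares the extracted size, not the size on the wire, so a body of a few kilobytes can still be rejected.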

0 Answers