Frightened of ap_xml_parse_input

[Tim Bray]

Gosh, this looks convenient.  Suppose someone malicious POSTS a  
jabber-style endless pipe?   Or suppose that as a matter of policy I  
simply don't want to accept something bigger than X, for some value  
of X.  Are there any throttles or memory caps or whatever?

I'm kind of surprised at mod_dav cheerfully pointing this at, well,  
whatever got pushed up the pipe.

 -Tim