daniel:// stenberg://On #curl's --max-filesize and --compressed. Should we do something about the "compression bomb" risk?
Jyrki 
@bagder Qt has a decompression ratio check that kicks in after 10MiB by default, maybe something like that would be good enough?
(though this usually catches valid, highly compressable data; e.g. repetitive log files)
https://doc.qt.io/qt-6/qnetworkrequest.html#setDecompressedSafetyCheckThreshold