Limit the size of ``

I have the following in my Django webapp:

class IndexContentView(generics.CreateAPIView):
    permission_classes = [IsAuthenticated]

    def create(self, request):
        transcript =['transcript']

How can I make sure that requests with larger than a certain size, such as 2 MB, do not hit my endpoint? I know I could insert a check in my code, but that would not prevent an attack throwing many large requests at my app. Also, I want to set a limit for all requests. How do I do this with PA?

You could write custom middleware to drop requests like that early.

What do you mean by middleware (i.e. where should that middleware live)? Isn't there a default limit in place right now?

See There is a limit of 100M that is already imposed on all requests.