diff --git a/src/http_handler.cpp b/src/http_handler.cpp
index ca0dd0a..daef138 100644
--- a/src/http_handler.cpp
+++ b/src/http_handler.cpp
@@ -49,6 +49,11 @@ void HttpHandler::on_data_arrived(std::string_view data,
     return;
   }
 
+  // TODO: Enforce the configured max_request_size_bytes limit here.
+  // Should track cumulative bytes received for the current HTTP request
+  // and send 413 Request Entity Too Large if limit is exceeded.
+  // This prevents DoS attacks via oversized HTTP requests.
+
   // Parse HTTP data with llhttp
   enum llhttp_errno err =
       llhttp_execute(&state->parser, data.data(), data.size());