diff --git ext/yahttp/yahttp/reqresp.cpp ext/yahttp/yahttp/reqresp.cpp index a96def6e0..e128dad4d 100644 --- ext/yahttp/yahttp/reqresp.cpp +++ ext/yahttp/yahttp/reqresp.cpp @@ -38,11 +38,23 @@ namespace YaHTTP { bool isalnum(char c, const std::locale& loc) { return std::isalnum(c, loc); } template - bool AsyncLoader::feed(const std::string& somedata) { + bool AsyncLoader::feed(const std::string& somedata) + { + if (state < 2) { + headersize += somedata.length(); // maye include some body data, we don't know yet... + if (headersize > target->max_header_size) { + if (target->kind == YAHTTP_TYPE_REQUEST) { + throw ParseError("Request header too large"); + } + else { + throw ParseError("Response header too large"); + } + } + } buffer.append(somedata); while(state < 2) { int cr=0; pos = buffer.find_first_of("\n"); // need to find CRLF in buffer @@ -153,12 +165,12 @@ namespace YaHTTP { std::istringstream maxbodyS(target->headers["content-length"]); maxbodyS >> minbody; maxbody = minbody; } if (minbody < 1) return true; // guess there isn't anything left. - if (target->kind == YAHTTP_TYPE_REQUEST && static_cast(minbody) > target->max_request_size) throw ParseError("Max request body size exceeded"); - else if (target->kind == YAHTTP_TYPE_RESPONSE && static_cast(minbody) > target->max_response_size) throw ParseError("Max response body size exceeded"); + if (target->kind == YAHTTP_TYPE_REQUEST && minbody > target->max_request_size) throw ParseError("Max request body size exceeded"); + else if (target->kind == YAHTTP_TYPE_RESPONSE && minbody > target->max_response_size) throw ParseError("Max response body size exceeded"); } if (maxbody == 0) hasBody = false; else hasBody = true; diff --git ext/yahttp/yahttp/reqresp.hpp ext/yahttp/yahttp/reqresp.hpp index e420c24a1..180b2d7bb 100644 --- ext/yahttp/yahttp/reqresp.hpp +++ ext/yahttp/yahttp/reqresp.hpp 
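Review bot: In `AsyncLoader::feed`, `headersize += somedata.length()` charges every byte fed while `state < 2` to the header budget, so a chunk that carries the end of the headers together with body data is counted in full, as the added comment itself concedes. A message with small headers and a body larger than `max_header_size`, delivered in a single `feed()` call, would therefore appear to be rejected as "header too large" even though the body limits checked further down would accept it. The check fails closed, which is the safe direction for a bound on buffered header data. The accounting would be exact if it were done per consumed line inside the `while(state < 2)` loop, whose body lies outside this hunk. If the current placement is kept, state the caveat on that line, e.g. `// counts all bytes fed before the headers are complete, so body data arriving in the same chunk also counts`, which would also replace the "maye" typo.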
@@ -18,10 +18,14 @@ namespace funcptr = boost; #include #endif #include +#ifndef YAHTTP_MAX_HEADER_SIZE +#define YAHTTP_MAX_HEADER_SIZE (100 * 1024) +#endif + #ifndef YAHTTP_MAX_REQUEST_SIZE #define YAHTTP_MAX_REQUEST_SIZE 2097152 #endif #ifndef YAHTTP_MAX_RESPONSE_SIZE @@ -106,10 +110,11 @@ namespace YaHTTP { #ifdef HAVE_CPP_FUNC_PTR renderer = SendBodyRender(); #endif max_request_size = YAHTTP_MAX_REQUEST_SIZE; max_response_size = YAHTTP_MAX_RESPONSE_SIZE; + max_header_size = YAHTTP_MAX_HEADER_SIZE; url = ""; method = ""; statusText = ""; jar.clear(); headers.clear(); @@ -128,10 +133,11 @@ protected: this->method = rhs.method; this->headers = rhs.headers; this->jar = rhs.jar; this->postvars = rhs.postvars; this->parameters = rhs.parameters; this->getvars = rhs.getvars; this->body = rhs.body; this->max_request_size = rhs.max_request_size; this->max_response_size = rhs.max_response_size; this->version = rhs.version; + this->max_header_size = rhs.max_header_size; #ifdef HAVE_CPP_FUNC_PTR this->renderer = rhs.renderer; #endif this->is_multipart = rhs.is_multipart; }; @@ -141,10 +147,11 @@ protected: this->method = rhs.method; this->headers = rhs.headers; this->jar = rhs.jar; this->postvars = rhs.postvars; this->parameters = rhs.parameters; this->getvars = rhs.getvars; this->body = rhs.body; this->max_request_size = rhs.max_request_size; this->max_response_size = rhs.max_response_size; this->version = rhs.version; + this->max_header_size = rhs.max_header_size; #ifdef HAVE_CPP_FUNC_PTR this->renderer = rhs.renderer; #endif this->is_multipart = rhs.is_multipart; return *this; @@ -164,12 +171,13 @@ public: strstr_map_t parameters; // renderer; //target = target_; hasBody = false; buffer = ""; + headersize = 0; this->target->initialize(); }; //
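Review bot: `YAHTTP_MAX_HEADER_SIZE` is introduced without a comment saying what it bounds or in which unit, and it is written as `(100 * 1024)` while the neighbouring limit uses a plain literal, `2097152`. Judging from the `feed()` change in reqresp.cpp, the value is compared against the number of bytes fed before header parsing finishes, which can include body bytes, so the name alone suggests more precision than the check has. I would add `// Maximum number of bytes accepted before the header block is complete; may be predefined by the build` above the `#ifndef`.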