Simple warning request: If: POST /somedll.dll HTTP/1.1 Host: somehost.net Content-Type: text/xml Content-Length: 21
Then no warning issued, if: POST /somedll.dll HTTP/1.1 Host: somehost.net Content-Type: text/xml Content-Length: 19
Then issue a warning (or tag the packet or something similar) to let user know of content-length mismatch with HTTP payload.