in reply to
Re: hash collision DOS
in thread hash collision DOS
See the fine manual: you can already ->delete() parameters, so just grep unrequested parameters out of ->param() and dump them in the bit bucket.
All webservers have a relatively tight maximum size for GET requests. (I think the default is something like 4kb for Apache.) You can set $CGI::POST_MAX for POST requests.
Use those well and it shouldn't be possible to dump enough data on a script to slow it down significantly.
Makeshifts last the longest.