diff --git a/warden3/warden_server/warden_server.py b/warden3/warden_server/warden_server.py
index 3a0ba569b75a133b26093ba1e961befc6ab5b5ff..4ad293dce6cdc9327498ec8f732c6df6792dd984 100755
--- a/warden3/warden_server/warden_server.py
+++ b/warden3/warden_server/warden_server.py
@@ -922,8 +922,20 @@ class Server(ObjectBase):
 
             args = self.sanitize_args(path, method, args)
 
+            # Based on RFC2616, section 4.4 we SHOULD respond with 400 (bad request) or 411
+            # (length required) if content length was not specified. We choose not to, to
+            # preserve compatibility with clients deployed in the wild, which use POST for
+            # all requests (even those without payload, with no specified content length).
+            # According to PEP3333, section "Input and Error Streams", the application SHOULD
+            # NOT attempt to read more data than specified by CONTENT-LENGTH. As stated in
+            # section "environ Variables", CONTENT-LENGTH may be empty (string) or absent.
             try:
-                post_data = environ['wsgi.input'].read()
+                content_length = int(environ.get('CONTENT-LENGTH', 0))
+            except ValueError:
+                content_length = 0
+
+            try:
+                post_data = environ['wsgi.input'].read(content_length)
             except:
                 raise self.req.error(message="Data read error.", error=408, exc=sys.exc_info())