We were using `Content-Length` from the server when `Content-Encoding`
was not set (i.e. response was not compressed).
Sadly, in CORS requests accessing headers is restricted, and while
`Content-Length` is enabled by default, `Content-Encoding` is not.
This results in the impossibility of knowing if the content was
compressed, unless the server explicitly enabled the encoding header
via `Access-Control-Expose-Headers`.
To keep maximum compatibility we must disable `body_size` completely.