Comcast says hi: http://customer.xfinity.com/help-and-support/internet/data-u...
AT&T says hi: https://www.att.com/esupport/internet/usage.jsp
However, even uncapped internet normally has a AUP (acceptable usage policy, also soft cap) that is usually around 200GB - exceed it and your internet is de-prioritized to the point of being almost useless.
Either way, 4GB favicons are probably unhealthy for the overall internet.
The contractual limits give the company a legal out to deal with use that starts to impact other customers, they are not commonly enforced unless they are looking into a complaint to slow internet and your usage comes up as anomalous and potentially contributory (according to a friend at an ISP at least).
Download or upload 2TB via torrent? - No one cares
A friend of mine who works at Swisscom (no. 1 provider here) said they were forced by their software to enter an upper limit, so they just entered the max allowed length of that integer number.
Looking back, the funniest thing about it was that I ended up having an argument with one of the support people on a broadband forum and they were arguing that only pirates would ever need more than 60gb and that internet TV was never going to take off because the BBC iPlayer trial hadn't worked well in their browser.
These days there are UK ISPs with their own 4K TV channels.
Chrome: https://code.google.com/p/chromium/issues/detail?id=500639 (reported 2015-06-15, unfixed as of yet)
Firefox: https://bugzilla.mozilla.org/show_bug.cgi?id=1174811 (already fixed on 2015-06-16)
Not so fast. The SVG version in comment 14 isn't fixed yet it seems.
> until the OS crashes
How is it even possible that userspace crashes the OS due to memory exhaustion?
Usually systems don't come preconfigured with a hard per-app limit (which is a bad thing...), or oom score (systemd got this more popular though), so crashing the OS is still fairly easy.
And since we're clearly not adhering to Unix philosophy on the web, I say that it being idiotic is a good enough reason to not allow for it.
 - like e.g. calls for rate-limiting access to phone gyroscopes, or banning it altogether, in https://news.ycombinator.com/item?id=10914666.
Trying to enumerate badness is always the wrong approach, as your list can never be complete.
As favicons are animated in the tabs of some browsers I've seen it put to good use as a relatively unobtrusive attention grabber when a tab has new information.
A simple on/off is sufficient for this though, or if you want to be a bit more flashy a fade in/out, larger animations are somewhere between pointless and stupid so perhaps a size limit is in order (32Kb seems extravagant enough for me).
...there is no way to tell the size of something you want to
download until you've downloaded it.
The way Go's built in HTTP libraries work is that, if you don't attach a Content-Length header yourself, you will automatically send a chunk-encoded response. That's exactly what the OP's server does, and as a result there is no Content-Length to look for.
User-Agents need to defend against this by setting an appropriate upper-limit on the size of the object they want to receive.
Note that there's another obvious way to try to consume bandwidth: host a "file download" that actually just sends a chunk-encoded random byte sequence until the connection closes.
Partial icon streams have no use to the client, and given the server should almost certainly have the entire icon in ram, streaming has no use for the server.
That all depends on the type of internet connection. Sure, it's a great idea for the first world where you get 1Gbps symmetrical for $70 a month. But not everyone has that good of a connection, and packets can be dropped like crazy, dramatically decreasing the size of the window.
Though, I suspect stestagg meant IP packet. Less than 1.5 kB is just too small for most icons. The ubiquitous 32×32 Wordpress icon is just about small enough, and still sharp enough for Retina, but Amazon’s more detailed favicon is 2.8 kB, Y-Combinator’s icon is 6.5 kB, Apple’s 2-toned logo is 9.1 kB, and Microsoft’s 4 colored squares are an astonishing 17.1 kB.
On the other hand, like everything else outdated about it, Slashdot’s icon is a mere 668 bytes.
I have just opened the page info for this reply page and am astonished to see a 256x256 image for the favicon. Who's utterly retarded idea was that?
I guess that answers my first question. "Idiotically large" is the answer.
Of course, there's nothing intrinsically bad about high-resolution favicons - esp. given the current ultra-high-res displays. The size difference is only most marked in this specific use-case.
"...In HTTP, it SHOULD be sent whenever the message's length can be determined prior to being transferred..."
If this were required, the keyword would have been "MUST be sent" - there are completely legitimate reasons for not returning Content-Length; this is noted directly in the RFC, as quoted above.