Remove ioutil.ReadAll, except for in tests, and set a message size limit

[ainar-g]

ioutil.ReadAll should generally not be used in HTTP APIs, since it doesn't have a size limit. Our current HTTP API is for internal use, but it's still a good precautionary measure, in my opinion. We should probably just set a limit, constant or configurable, for the maximum size of an HTTP request body. Perhaps write our own version of io.LimitedReader that returns a meaningful error instead of an io.EOF.