We use the limit message size assertion ,this function also looks to Content-Length header.  If size is smaller it will pass (is not checking if it’s matching), when it’s bigger, it waits 60s (if data would still come), and the request will be blocked, and you receive an error message.

How can we reduce the 60s seconds, tried with updating the cluster-wide property io.timeout to 10000, where I would expend only 10s, but that doesn't work.

Our security was challenging us when request content length headers are wrongly modified to drop faster requests. And waiting 60s these days is a bit long.

Release : 10.1

For the content length mismatch timeout you can add an property called connectionTimeout to the advanced listen port properties field 

connectionTimeout  The number of milliseconds this Connector will wait, after accepting a connection, for the request URI line to be presented. Use a value of -1 to indicate no (i.e. infinite) timeout. The default value is 60000 (i.e. 60 seconds). Unless disableUploadTimeout is set to false, this timeout will also be used when reading the request body (if any).