We carried out further investigations; this is our findings.
1. If the request is larger than the CWP value. It will "fail" at the CWP value, this failure will essentially allow a blank message through after verifying
the message size. From how the code was written, this seems intentional. Internally, the rate limit assertion does not fail with an incorrect value.
Here are two scenarios.
a. If request is larger than CWP & if request is larger than the assertion then the assertion will fail because of the request size.
b. If request is larger than CWP & if request is smaller than the assertion then the assertion will fail because it will cross reference with the CWP.
Essentially it verifies if there is an existing error with the size, then fail.
2. As a result of the failure with the CWP. The message will not be processed, there will just be a recorded error for other assertions to reference to.