With both the owasp-array-limit and owasp-string-limit, I would like separate severities depending on the direction. For example, if a string doesn't have a limit on the request, it's much more of a security risk in that malicious users can enter long strings. It's much less of an issue in a response in that the application developer is in control.
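The direction-dependent severity requested above, sketched as an added example that is not part of the original post and is not the ruleset's own implementation. The function names, the `error`/`warn` levels, the enum exemption and the sample spec are assumptions made for illustration, and only inline schemas are handled (`$ref` is not resolved).

```python
# Added illustration: report unbounded strings and arrays in an OpenAPI 3
# document (as a plain dict), with a severity that depends on the direction.
METHODS = {"get", "put", "post", "delete", "patch", "options", "head", "trace"}
SEVERITY = {"request": "error", "response": "warn"}  # assumed levels

def walk_schema(schema, path, direction, findings):
    """Recurse through an inline schema and record missing limits."""
    if not isinstance(schema, dict):
        return
    kind = schema.get("type")
    # A string restricted to an enum is already bounded (choice of this example).
    if kind == "string" and "maxLength" not in schema and "enum" not in schema:
        findings.append((SEVERITY[direction], direction, path, "string without maxLength"))
    if kind == "array":
        if "maxItems" not in schema:
            findings.append((SEVERITY[direction], direction, path, "array without maxItems"))
        walk_schema(schema.get("items"), path + "[]", direction, findings)
    for name, prop in schema.get("properties", {}).items():
        walk_schema(prop, f"{path}.{name}", direction, findings)

def check_limits(spec):
    """Return (severity, direction, location, message) tuples for a spec."""
    findings = []
    for route, item in spec.get("paths", {}).items():
        for method, op in item.items():
            if method not in METHODS:
                continue
            base = f"{method.upper()} {route}"
            for param in op.get("parameters", []):
                walk_schema(param.get("schema"), f"{base} param:{param.get('name')}", "request", findings)
            for media in op.get("requestBody", {}).get("content", {}).values():
                walk_schema(media.get("schema"), f"{base} body", "request", findings)
            for code, resp in op.get("responses", {}).items():
                for media in resp.get("content", {}).values():
                    walk_schema(media.get("schema"), f"{base} {code}", "response", findings)
    return findings

# Constructed sample spec: one bounded query parameter, an unbounded string and
# array in the request body, and an unbounded string in the response.
SAMPLE_SPEC = {"paths": {"/notes": {"post": {
    "parameters": [{"name": "tag", "in": "query", "schema": {"type": "string", "maxLength": 32}}],
    "requestBody": {"content": {"application/json": {"schema": {"type": "object", "properties": {
        "title": {"type": "string"},
        "labels": {"type": "array", "items": {"type": "string", "maxLength": 20}}}}}}},
    "responses": {"201": {"content": {"application/json": {"schema": {
        "type": "object", "properties": {"id": {"type": "string"}}}}}}}}}}}

if __name__ == "__main__":
    for finding in check_limits(SAMPLE_SPEC):
        print(*finding, sep=" | ")
```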