The warning was hardly buried - it's right there on the documentation page (https://docs.rs/hyper/latest/hyper/body/fn.to_bytes.html) between the function's signature and the example of how to use it. It's not unreasonable to expect users to think about what they're doing when calling a function that clearly could allocate a load of memory.
The article's mention of the content-length header is a little misleading: the to_bytes function doesn’t implement any length checks so it doesn't matter what's in the content-length header if the user's code doesn't check that itself.