Where do you draw the line between this and a DoS flood of HTTP requests? At some point a provider has to be able to rate limit requests to maintain service for legitimate users.
I don't. I think owners of web servers should be able to selectively choose to respond to requests however they please (so long as they don't violate any e.g. civil rights laws).