Currently (1.3.6 p2) HTTPServerSession uses the timeout parameter in HTTPServerParams only for the receive timeout of the socket. The send timeout is not set. The user of the library has to set it explicitly, to prevent DoS attacks.
By the way, congratulations for creating this excellent library!
