http2: close connections when receiving too many headers
Maintaining HPACK state requires that we parse and
process all HEADERS and CONTINUATION frames on a
connection. When a request's headers exceed MaxHeaderBytes,
we don't allocate memory to store the excess headers but we
do parse them. This permits an attacker to cause an HTTP/2
endpoint to read arbitrary amounts of header data, all
associated with a request which is going to be
rejected. These headers can include Huffman-encoded data
which is significantly more expensive for the receiver to
decode than for an attacker to send.