Tighten request header processing to match RFC

New implementation:
+ rejects repeated Host: headers
+ handles repeated Content-Length: more carefully
+ handles malformed Content-Length: better
+ handles repeated Transfer-Encoding: headers
+ parses all Cookie: headers instead of just first header
+ handles properly Transfer-Encoding: in HTTP/1.0 requests