Implement --limit-request-header-count flag

[Kludex]

• Replaces Implement --limit-request-header-count flag #1682

Please check #1682 before reviewing this.

Checklist

• h11 implementation. See Limit number of headers python-hyper/h11#155 for more information.
• Check if the flag limit_request_fields on gunicorn is correctly passed to uvicorn.
• Add an entry to "Resource Limits" section in the documentation.

[njsmith]

I'm not sure this approach actually does anything useful -- presumably the reason people want to limit header count is to avoid people sending huge numbers of headers and overwhelming the server. But this PR checks the number of headers after the server has already accepted and parsed the entire header block, so if the header block was going to overwhelm the server, it's already happened before the check runs.

In practice though h11 already puts a limit on the total size of the header block, so this option probably isn't doing anything useful anyway. python-hyper/h11#155 (comment) has some more details.

[Kludex]

I see... Thanks @njsmith 🙏

I'll look for just limiting the size then. For h11, we already support h11-max-incomplete-event-size, but for httptools can I limit this on uvicorn itself? If I do that check on data_received, it would slow down uvicorn... 🤔