fix(server): start h1 header read timeout when conn is idle, a de facto idle timeout

[finnbear]

Motivation

Currently, the header read timeout is started before any part of the first request is received. This allows closing the connection if no requests are received. However, after the first request, the connection can remain open indefinitely. This change ensures that the header read timeout is started immediately after the connection is idle, following the transmission of the response, before the first part of the subsequent request is received.

This is particularly relevant in the case that browsers open 6+ h1 connections when a page loads and then neglect to close any of them, distracting, in my case, from DDoS attackers.

This is kind of like an "idle timeout"

Changes

• Start header_read_timeout when waiting for subsequent requests
• Error::is_timeout returns true on HeaderTimeout

Tests

• Fix existing tests, which failed due to invalid headers, not timeouts
  • header_read_timeout_slow_writes
  • header_read_timeout_slow_writes_multiple_requests
• Test new functionality
  • I've manually confirmed that the new test fails without the change

Open question

Should the documentation of header_read_timeout change? It currently doesn't say when the timeout is started, only when it finishes (client transmits entire header).

Related

Related: #1628
Related/Fixes: #2355
Related #3185 (comment)
Builds on and supersedes/Closes #3781 (credit to @T-aian)
Fixes #3780
Supersedes #3743 (this PR required additional complexity, but allowed a different value for the header read timeout and the idle timeout)