[patch] reject http header without colon (:) in the header name

Ben Kallus benjamin.p.kallus.gr at dartmouth.edu
Mon May 13 14:30:05 UTC 2024


Okay; I should have been more specific. I meant that nginx is unique
among *general-purpose* web servers.

GWS is something of a special case; it also accepts requests with no
Host header, and doesn't validate the version string (e.g.,
HTTP/1.999999999 is accepted).

Google has opted into these strange behaviors because it makes sense
for them as the only users of GWS. These are, of course, bad defaults
for a general-purpose HTTP/1.1 server.

The "silently ignore invalid headers" behavior, imo, falls into the
same category.

-Ben

