router: add config to reject requests with invalid envoy headers #7323

Merged
mattklein123 merged 11 commits into envoyproxy:master from xyu-stripe:xyu/reject-invalid-envoy-headers
Jul 2, 2019
Conversation

@xyu-stripe
Contributor

Description:
Before this change, Envoy would ignore invalid x-envoy-* header values from a
client request (e.g. x-envoy-max-retries: 3.0), silently falling back to the
default value for that header. Introduce a strict_check_headers config option
for envoy.router that adds optional support to explicitly reject requests with
invalid values for the following headers:

  • x-envoy-upstream-rq-timeout-ms
  • x-envoy-upstream-rq-per-try-timeout-ms
  • x-envoy-max-retries
  • x-envoy-retry-on
  • x-envoy-retry-grpc-on

On rejection, Envoy responds with HTTP status 400 and sets a new response flag
IH to indicate the reason was due to an invalid header.

Risk Level: Low/medium

Testing: unit tests

  • unit test: FilterUtility::StrictHeaderChecker
  • test that router rejects request with HTTP status 400 + sets the IH response flag
  • test that config validation rejects unsupported values
  • manual end-to-end test client -> envoy -> upstream server to verify that
    Envoy returns a 400 and sets the response flag in the logs

Docs Changes:

  • add inline docs to router.proto for strict_check_headers
  • add inline docs to accesslog.proto for IH response flag

Release Notes: updated for router and accesslog
Fixes #6482
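
The behaviour described in this PR, modelled as a stand-alone C++ sketch (an added example, not code from the PR or from Envoy): a header is validated only when it is listed in `strict_check_headers`, and an invalid value then yields 400 with the `IH` flag instead of a silent fallback. `CheckResult`, `strictCheck`, `isUnsignedInt` and `allKnown` are hypothetical names; the retry policy names come from Envoy's router documentation rather than this page, and exact token matching is an assumption of the sketch.

```cpp
#include <cctype>
#include <map>
#include <set>
#include <sstream>
#include <string>

// Illustrative model only; all names here are hypothetical, not Envoy source.
struct CheckResult {
  int status;          // 0 = passed on to routing, 400 = rejected
  std::string flag;    // "IH" on rejection (the response flag from the PR)
  std::string header;  // offending header name, empty if none
};

// Unsigned base-10 integer: rejects "", "3.0", "-1", "1e3".
static bool isUnsignedInt(const std::string& v) {
  if (v.empty()) return false;
  for (std::size_t i = 0; i < v.size(); ++i)
    if (!std::isdigit(static_cast<unsigned char>(v[i]))) return false;
  return true;
}

// Every comma-separated token must exactly match a known policy name.
static bool allKnown(const std::string& v, const std::set<std::string>& known) {
  std::stringstream ss(v);
  std::string tok;
  while (std::getline(ss, tok, ','))
    if (known.count(tok) == 0) return false;
  return true;
}

// `strict` models strict_check_headers and is assumed to hold only the five
// header names listed in the PR (config validation rejects anything else).
CheckResult strictCheck(const std::map<std::string, std::string>& request,
                        const std::set<std::string>& strict) {
  // Policy names taken from Envoy's router documentation, not from this page.
  static const std::set<std::string> retry_on = {"5xx", "gateway-error", "reset",
      "connect-failure", "retriable-4xx", "refused-stream", "retriable-status-codes"};
  static const std::set<std::string> grpc_on = {
      "cancelled", "deadline-exceeded", "internal", "resource-exhausted", "unavailable"};
  for (const std::string& n : strict) {
    auto h = request.find(n);
    if (h == request.end()) continue;  // header absent: nothing to validate
    bool ok = n == "x-envoy-retry-on"        ? allKnown(h->second, retry_on)
              : n == "x-envoy-retry-grpc-on" ? allKnown(h->second, grpc_on)
                                             : isUnsignedInt(h->second);
    if (!ok) return {400, "IH", n};  // reject instead of using the default
  }
  return {0, "", ""};  // unlisted headers keep the lenient fallback behaviour
}
```
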

Development

Successfully merging this pull request may close these issues.

Feature request: strict header validation mode

4 participants