fix http/2 header payload padding parsing

[DeagleGross]

The padding length check for HTTP/2 HEADERS frames did not account for the extra 5 bytes consumed by the PRIORITY flag (4-byte stream dependency + 1-byte weight).

Kestrel was throwing an exception later instead of validating the bytes properly and rejecting immediately:

Frame header (bytes 0-8):
----------------------------------------------------------------------------
00 00 06  → Length = 6
01        → Type = HEADERS (0x01)
2D        → Flags = 0x2D = 0b00101101
            = END_STREAM (0x01) | END_HEADERS (0x04) | PADDED (0x08) | PRIORITY (0x20)
00 00 00 01 → StreamId = 1

Payload (9-14):
----------------------------------------------------------------------------
01        → HeadersPadLength = 1     ← parsed because PADDED flag is set
00 00 00 00 → StreamDependency = 0  ← parsed because PRIORITY flag is set
10        → Weight = 16             ← parsed because PRIORITY flag is set
(nothing) → 0 bytes of HPACK data
(nothing) → 0 bytes of padding (but PadLength says 1!)

[Copilot]

Pull request overview

Fixes HTTP/2 HEADERS frame padding validation in Kestrel so frames with both PADDED and PRIORITY flags correctly account for the extra 5 priority bytes when determining whether padding exceeds the available payload.

Changes:

• Update HEADERS padding-length validation to subtract the correct “extended fields” length (padding + optional priority) before comparing against PadLength.
• Expose HeadersPayloadOffset on Http2Frame to support the updated validation logic.
• Add a functional test covering the specific invalid HEADERS payload scenario (PADDED + PRIORITY where padding exceeds remaining payload).

Reviewed changes

Copilot reviewed 3 out of 3 changed files in this pull request and generated 2 comments.

File	Description
src/Shared/ServerInfrastructure/Http2/Http2Frame.Headers.cs	Exposes the computed HEADERS extended-fields offset used for payload/padding calculations.
src/Servers/Kestrel/Core/src/Internal/Http2/Http2Connection.cs	Fixes HEADERS padding validation by subtracting the correct offset when PRIORITY is present.
src/Servers/Kestrel/test/InMemory.FunctionalTests/Http2/Http2ConnectionTests.cs	Adds regression coverage for invalid PADDED+PRIORITY HEADERS frame padding.