http2: move where cookies are joined to avoid quadratic behavior

There are already tests which cover the behavior. This is simply
moving where it happens. I'm not adding new tests to cover the very
bad behavior because once the rest of the bug is fixed, it won't be
possible to observe anyway. But even for smallish inputs, this is
faster.

Part of golang/go#12843

Change-Id: I7d69f2409e2adb4a01d101a915e09cf887b03f21
Reviewed-on: https://go-review.googlesource.com/15601
Reviewed-by: Andrew Gerrand <adg@golang.org>

http2/server.go

@@ -499,13 +499,6 @@ func (sc *serverConn) onNewHeaderField(f hpack.HeaderField) {
 			return
 		}
 		*dst = f.Value
-	case f.Name == "cookie":
-		sc.req.sawRegularHeader = true
-		if s, ok := sc.req.header["Cookie"]; ok && len(s) == 1 {
-			s[0] = s[0] + "; " + f.Value
-		} else {
-			sc.req.header.Add("Cookie", f.Value)
-		}
 	default:
 		sc.req.sawRegularHeader = true
 		sc.req.header.Add(sc.canonicalHeader(f.Name), f.Value)
@@ -1373,6 +1366,10 @@ func (sc *serverConn) newWriterAndRequest() (*responseWriter, *http.Request, err
 	if needsContinue {
 		rp.header.Del("Expect")
 	}
+	// Merge Cookie headers into one "; "-delimited value.
+	if cookies := rp.header["Cookie"]; len(cookies) > 1 {
+		rp.header.Set("Cookie", strings.Join(cookies, "; "))
+	}
 	bodyOpen := rp.stream.state == stateOpen
 	body := &requestBody{
 		conn:          sc,