Disabled requests with both Content-Length and Transfer-Encoding.

Disabled requests with both Content-Length and Transfer-Encoding.

HTTP clients are not allowed to generate such requests since Transfer-Encoding
introduction in RFC 2068, and they are not expected to appear in practice
except in attempts to perform a request smuggling attack.  While handling of
such requests is strictly defined, the most secure approach seems to reject
them.