[UNDERTOW-2763] As per RFC 9112 reason phrase is optional in HTTP responses#1952
ropalka wants to merge 1 commit into
rhusar left a comment:
Brief review, but LGTM; the crux of the fix is the removal of `&& sb.length() > 0`.
I was going to say this is missing split tests for RESPONSE2 and RESPONSE3; however, those are subsets of testOneCharacterAtATime_response1/2/3, so I don't think they are needed.
Actually, @ropalka, this is modifying a CVE fix, so can you explain why relaxing this specific check is still safe, as that appeared to be intentional strictness of the parser introduced in #1947? I don't actually see that PR adding tests for this specifically, so the current tests might not be enough to verify this doesn't reintroduce the CVE.

The strictness of expecting reason-phrase to have length >= 1 was an oversight @rhusar.
https://redhat.atlassian.net/browse/UNDERTOW-2763
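To make the check under discussion concrete, here is an added example (not Undertow's own parser code): a minimal RFC 9112 status-line parser whose `requireReason` flag reproduces the over-strict "reason-phrase length >= 1" condition next to the RFC-conformant behaviour, in which `status-line = HTTP-version SP status-code SP [ reason-phrase ]`. The class and method names are my own.

```java
// Added example, not Undertow code: parse an HTTP/1.1 status-line per RFC 9112 section 4,
// optionally reproducing the over-strict "non-empty reason-phrase" check the PR removes.
public final class StatusLineParser {

    public static final class StatusLine {
        public final String version;
        public final int code;
        public final String reason;   // may legitimately be empty
        StatusLine(String version, int code, String reason) {
            this.version = version; this.code = code; this.reason = reason;
        }
    }

    /** requireReason=true mimics the rejected length>=1 condition; false follows the RFC. */
    public static StatusLine parse(String line, boolean requireReason) {
        int sp1 = line.indexOf(' ');
        if (sp1 < 0) throw new IllegalArgumentException("missing SP after HTTP-version");
        String version = line.substring(0, sp1);
        if (!version.matches("HTTP/\\d\\.\\d")) throw new IllegalArgumentException("bad HTTP-version: " + version);
        // The SP after status-code is mandatory in the RFC grammar even when reason-phrase is absent.
        int sp2 = line.indexOf(' ', sp1 + 1);
        if (sp2 < 0) throw new IllegalArgumentException("missing SP after status-code");
        String codeText = line.substring(sp1 + 1, sp2);
        if (!codeText.matches("\\d{3}")) throw new IllegalArgumentException("status-code must be 3DIGIT: " + codeText);
        String reason = line.substring(sp2 + 1);
        // reason-phrase = 1*( HTAB / SP / VCHAR / obs-text ): control characters other than HTAB are rejected.
        for (char c : reason.toCharArray()) {
            if (c != '\t' && (c < 0x20 || c == 0x7f)) throw new IllegalArgumentException("control char in reason-phrase");
        }
        if (requireReason && reason.isEmpty()) throw new IllegalArgumentException("empty reason-phrase");
        return new StatusLine(version, Integer.parseInt(codeText), reason);
    }

    public static void main(String[] args) {
        // Constructed inputs: the second line carries an empty (optional) reason-phrase.
        String[] lines = { "HTTP/1.1 200 OK", "HTTP/1.1 204 " };
        for (String l : lines) {
            for (boolean strict : new boolean[] { true, false }) {
                String mode = strict ? "strict " : "relaxed";
                try {
                    StatusLine s = parse(l, strict);
                    System.out.printf("%s \"%s\" -> %d reason=\"%s\"%n", mode, l, s.code, s.reason);
                } catch (IllegalArgumentException e) {
                    System.out.printf("%s \"%s\" -> rejected: %s%n", mode, l, e.getMessage());
                }
            }
        }
    }
}
```

Running it shows the strict mode rejecting `HTTP/1.1 204 ` with "empty reason-phrase" while the relaxed mode accepts it with an empty reason, and both modes still reject malformed versions, non-3DIGIT status codes and control characters.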