
Commit ce506f3

bug #19373 [Form] Skip CSRF validation on form when POST max size is exceeded (jameshalsall)
This PR was squashed before being merged into the 2.7 branch (closes #19373).

Discussion
----------

[Form] Skip CSRF validation on form when POST max size is exceeded

| Q             | A      |
| ------------- | ------ |
| Branch?       | 2.7    |
| Bug fix?      | yes    |
| New feature?  | no     |
| BC breaks?    | no     |
| Deprecations? | no     |
| Tests pass?   | yes    |
| Fixed tickets | #19140 |
| License       | MIT    |
| Doc PR        | N/A    |

In #19140 the CSRF validation listener was not aware that the POST max size had been exceeded, and was adding a form error message that wasn't relevant to the actual error.

This introduces the `ServerParams` utility class into the `CsrfValidationListener` and checks that the POST max size has not been exceeded. If it has, then it won't bother trying to validate the CSRF token.

My main concern with this change is that it opens up an attack vector around tokens, but I've encapsulated the request size validation in a single method in `ServerParams` now so that the request handlers are using the same logic.

Commits
-------

289531f [Form] Skip CSRF validation on form when POST max size is exceeded
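As an added illustration that is not code from this commit or from Symfony itself, here is the decision the description outlines in standalone PHP 8: a `ServerParams`-style class that normalises the `post_max_size` ini value and compares it with the request's `Content-Length`, and a listener that consults that single method before validating the token. The class, method and message names are assumptions chosen to mirror the description, not the project's API.

```php
<?php
// Added example (not Symfony's code). Class and method names are assumptions.

final class ServerParams
{
    public function __construct(private array $server, private string $iniPostMaxSize) {}

    // Normalise an ini shorthand such as "8M" or "2G" to bytes; "" or "0" means unlimited.
    public function getPostMaxSize(): int
    {
        $value = strtolower(trim($this->iniPostMaxSize));
        if ('' === $value || '0' === $value) {
            return 0;
        }
        $number = (int) $value;
        switch (substr($value, -1)) {
            case 'g': return $number * 1024 ** 3;
            case 'm': return $number * 1024 ** 2;
            case 'k': return $number * 1024;
            default:  return $number;
        }
    }

    // The one place the size check lives, so listener and request handlers agree.
    public function hasPostMaxSizeBeenExceeded(): bool
    {
        $max = $this->getPostMaxSize();
        $length = (int) ($this->server['CONTENT_LENGTH'] ?? 0);
        return 0 !== $max && $length > $max;
    }
}

// When post_max_size is exceeded PHP discards the whole POST body, so no fields
// (including the token field) reach the form. Reporting "token invalid" would
// point the user at the wrong problem; the size error is the relevant one, and
// the form stays invalid either way because nothing was bound.
function collectFormErrors(ServerParams $params, array $post, string $expectedToken): array
{
    if ($params->hasPostMaxSizeBeenExceeded()) {
        return ['The uploaded file was too large. Please try to upload a smaller file.'];
    }
    $submitted = (string) ($post['_token'] ?? '');
    return hash_equals($expectedToken, $submitted) ? [] : ['The CSRF token is invalid. Please try to resubmit the form.'];
}

// Constructed sample: a 9 MiB POST against post_max_size=8M; PHP has dropped the body.
$params = new ServerParams(['CONTENT_LENGTH' => 9 * 1024 ** 2], '8M');
var_dump(collectFormErrors($params, [], 'expected-token'));   // only the size error is reported
```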
2 parents c1fefb6 + 6e7973f commit ce506f3

1 file changed

+1
-0
lines changed

Resources/config/form_csrf.xml

Lines changed: 1 addition & 0 deletions
@@ -16,6 +16,7 @@
1616
<argument>%form.type_extension.csrf.field_name%</argument>
1717
<argument type="service" id="translator.default" />
1818
<argument>%validator.translation_domain%</argument>
19+
<argument type="service" id="form.server_params" />
1920
</service>
2021
</services>
2122
</container>
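Review bot: the `form.server_params` argument added at line 19 is appended as a fourth positional constructor argument to a service definition that previously passed three; since the PR declares "BC breaks? no", the receiving class should accept it as an optional trailing parameter (nullable, defaulting to null) so that third-party service definitions or compiler passes that still wire only the first three arguments keep working. The service id is referenced here but not defined in this file, so please confirm in the same PR that `form.server_params` is registered in the bundle's form service configuration; an unresolved reference fails at container compile time rather than at request time.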
