
#23447: Gateway: harden hook ingress content-type validation

by bmendonca3, open, 2026-02-22 10:06

Labels: gateway, size: S, trusted-contributor
## Summary

- enforce hook request content-type allowlist (`application/json` by default)
- add `hooks.allowedContentTypes` config + schema validation
- reject unsupported/missing content type with HTTP 415 before body parsing
- preserve bounded hook body handling and ensure oversize payloads reliably return 413

## Why

This hardens hook ingress against content-type parsing edge cases and request-shape abuse while keeping existing body-size protection in place.

## Testing

- `pnpm check`
- `pnpm test src/gateway/hooks.test.ts`
- `pnpm test src/gateway/server-http.hooks-request-timeout.test.ts`
- `pnpm test src/infra/http-body.test.ts`
- `pnpm test:e2e src/gateway/server.hooks.e2e.test.ts`

### Greptile Summary

This PR adds content-type validation to the webhook/hooks ingress endpoint. The implementation enforces an allowlist of accepted content-types (defaulting to `application/json`) and rejects unsupported types with HTTP 415 before parsing the request body. The validation is configurable via `hooks.allowedContentTypes` and properly normalizes content-type headers by stripping charset parameters and converting to lowercase. The PR also includes a minor cleanup to `http-body.ts` removing redundant request destruction code when content-length exceeds the limit.

### Confidence Score: 5/5

- This PR is safe to merge with minimal risk
- The changes are well-tested with comprehensive unit and e2e test coverage, the implementation follows existing patterns in the codebase, and the feature provides a clear security hardening benefit by validating content-type before body parsing. The normalization logic is sound and handles edge cases appropriately.
- No files require special attention

Last reviewed commit: 726f5ed
