Fixing `@helia/http` to prevent endless downloads

[SgtPooki]

We should guard clients against attacks and set a default max block/chunk size at the retrieval layer.

Fixing @helia/http to prevent endless downloads sounds better approach - once the block is in the blockstore it's too late.

It should check the content-length header before continuing the download of a block (if present) but it should also count the downloaded bytes in case the header is a lie.

Originally posted by @achingbrain in ipfs/helia-verified-fetch#188 (comment)

[siddharthbaleja7]

@SgtPooki can i work on this issue?

[SgtPooki]

@siddharthbaleja7 I'm no longer in charge here! I would ask @lidel or @achingbrain but I think we resolved this one..