Avoid regex backtracking on If-None-Match header

[CVE-2023-22795]

Author: jhawthorn

actionpack/lib/action_dispatch/http/cache.rb

@@ -18,7 +18,7 @@ def if_none_match
         end
 
         def if_none_match_etags
-          if_none_match ? if_none_match.split(/\s*,\s*/) : []
+          if_none_match ? if_none_match.split(",").each(&:strip!) : []
         end
 
         def not_modified?(modified_at)