Adding ReDoS warning/documentation to RewriteValve

[groundboi]

After reporting a potential DoS in "Rewrite Rules" to the Tomcat security team, it was decided that there was no bug in Tomcat itself, but rather in how a user sets up their Tomcat server. Thus, I was instructed by the security team to create a PR for updated documentation to better educate users on appropriate usage of Rewrite Rules. This commit added javadoc comments for the RewriteValve class, as instructed.

Furthermore, I'd like to update the documentation on this page as well, however I cannot find a mechanism to do so: https://tomcat.apache.org/tomcat-9.0-doc/rewrite.html

[markt-asf]

That page is generated from this file:
https://github.com/apache/tomcat/blob/master/webapps/docs/rewrite.xml

[groundboi]

Great, thanks. I just included a statement for the documentation in there as well.

[markt-asf]

Thanks. I applied the patch along with a couple of formatting tweaks, a cross-reference from the security how to page and a change log entry (giving you credit for the change).