feat(security): Automatic XSRF handling.

Automatically recognize XSRF protection cookies, and set a corresponding XSRF
header. Allows applications to configure the cookie names, or if needed,
completely override the XSRF request configuration by binding their own
XSRFHandler implementation.

Part of #8511.

modules/@angular/integration_test/public_api_spec.ts

@@ -442,6 +442,7 @@ var HTTP: string[] = [
   'BrowserXhr',
   'Connection',
   'ConnectionBackend',
+  'CookieXSRFStrategy',
   'HTTP_BINDINGS',
   'HTTP_PROVIDERS',
   'Headers',
@@ -460,7 +461,8 @@ var HTTP: string[] = [
   'ResponseType',
   'URLSearchParams',
   'XHRBackend',
-  'XHRConnection'
+  'XHRConnection',
+  'XSRFStrategy',
 ];
 
 var HTTP_TESTING: string[] = ['MockBackend', 'MockConnection'];