HTTP encoding

I was testing some evasion techniques using HTTP unicode encoding, and I was
surprised to see that Bro seems to completely miss the attacks in that case.

Indeed, it lacks a Unicode decoder :-(. Morley Mao wrote one a while ago,
which unfortunately never got integrated. I'd be happy to send it along
to someone who wants to bring it up to date (and I promise to integrate
the result!).