Reduce number of IDs and add test for cookie size

The amount of cookie data we’re allowed to store varies by browser and
platform, but to support most browsers, we should not exceed 4093 bytes
[1]. Storing four sets of up to 1000 IDs with high numerical values in
the session cookie exceeds this limit somewhat (the header becomes some
5600 bytes long), so let’s reduce it to just 250 IDs. This should still
be enough so that users will almost never re-encounter a skipped
revision because the revision ID was evicted from skipped_rev_ids before
the revision became too ancient to be reached, and for page IDs I think
I would actually prefer an even lower limit anyways.

I also considered implementing some kind of split session storage, where
we would store OAuth data, supported scripts etc. in the cookie (we want
those to be permanent) and IDs in the server’s memory (it’s fine to
discard these on restart), or perhaps even use Toolforge’s Redis
instance via Flask-Session [2], but ultimately I don’t think that
complexity is worth it (yet?). Perhaps I’ll revisit it when the time
comes to implement a “skipped users” feature.

[1]: http://browsercookielimits.squawky.net/
[2]: https://pythonhosted.org/Flask-Session/