Thanks for the feedback. We tested with back ends running apache 2.2, 2.4, and nginx and all displayed the same problem so I assume it will be a fairly widespread issue.
I created the topic in the LUA section. Fix HTTP2 Cookies
While not required, in our environment I have also set HAProxy to delete the cookies on static files before they are checked to stop those requests being sent to LUA. I have no idea performance wise if it is better but I figure the more I can do in HAProxy the better. On our websites it drops the number of requests that LUA needs to process down from 32 to five.
# ACLs FOR STATIC CONTENT
acl static_content path_end .jpg .gif .png .css .js .htm .html .map .woff .svg .woff2
http-request del-header cookie if static_content
http-request lua.fix-http2-cookies if { req.fhdr_cnt(cookie) gt 1 }