implement allowed-http-host-header
Related #314
Mainly inspired by django implementation https://docs.djangoproject.com/en/3.2/ref/settings/#allowed-hosts
This protects against HTTP Host header attacks
It is working as expected on my local tests.
The MR is on draft for now to see if the tests are ok.
Useful warnings are printed when the user haven't sent the option:
Don't hesitate if you want to change the formulation I wasn't very inspired.
Edited by Laurent Peuch