Discard "Authentication" and "Cookie" header

If wget for an http URL is redirected to a different site (hostname parts of URLs differ), then any "Authenticate" and "Cookie" header entries are discarded. Fix CVE-2021-31879 Fix #5

credit to @jmoellers

Signed-off-by: vlefebvre valentin.lefebvre@suse.com