Add REDIRECT_HTTP_AUTHORIZATION into keysToHide

Hi, just suggestion. Shouldn't be key "REDIRECT_HTTP_AUTHORIZATION" and/or "HTTP_AUTHORIZATION" between default keys to hide?

They may be used for header authorization like "Authorization: Basic base_64(login:password)"

