Add option to remove high-entropy low-effect response headers before signing

[twifkak]

webpkgserver will set a default lifetime of 1 day for JS resources and 7 days for others (src). However, any HTML that preloads JS is effectively 1-day, unless the publisher can refresh a JS SXG without updating its header-integrity.

GetFullHeader() should (default on, opt-out via toml config) remove any headers that are likely to change often, but don't affect the way the subresource is interpreted by the browser. The Date header comes to mind, but it's worth a cursory glance of the HTTP spec to unearth any others.