Fixes for r61911:
* Do not follow redirects by default. This breaks on safe_mode, and may potentially open security vulnerabilities in callers which blacklist domain names. Instead, send followRedirects=true option in the HttpTest caller that needs it.
* Added a check for the cURL security vulnerability CVE-2009-0037, which allowed redirects to file:/// and scp://. Refuse to follow redirects if a vulnerable client library is present.
* Factored out the redirect compatibility test into public function canFollowRedirects() so that callers can provide this information to users.
* In PhpHttpRequest, only follow redirects to HTTP URLs, do not fopen() arbitrary locations. This is not quite as bad as it sounds, since the lack of response headers prevents file:/// content from being returned to the caller.
* Fixed vertical alignment in Http::request(), per style guide.
* 304, 305 and 306 responses are not really redirects and cannot contain a Location header.