We force a connection to a pre-resolved IP to avoid being tricked
into connecting to a local host, but hosts that use SNI need the
hostname in the SSL negotiation instead of an IP.
Fixes the problem with CloudFlare blocking requests to medium.com,
which prevented the URL canonicalization code from being run when a
medium URL was submitted, which prevented us from stripping off
those stupid referral codes medium attaches to URLs (which could
be stripped out in Story#url= but medium allows custom domains, so
that wouldn't work for things like m.signalvnoise.com).
Code from Pushover.
when doing redirections, continue with the user-supplied headers,
not the ones we've been accumulating
fixes the problem of sending the wrong Host header to a redirection
