Whitelist HTTP/HTTPS protocol at runtime

[jcamiel]

This Hurl file is not parsable with Hurl 5.0.1:

 GET file:///tmp/foo.txt

If we use a variable this file is OK

GET {{host}}

Run with hurl --variable=file:///tmp/foo.txt

$ hurl --variable=file:///tmp/foo.txt
error: HTTP connection
  --> -:1:5
   |
 1 | GET {{host}}
   |     ^^^^^^^^ could not parse Response
   |

We have an error, but the transfer has happens (it can works with curl). I think we should check protocol, at runtime, with a whilelist http:///https://.

A particular attention is also on following redirection, with this file:

GET http://localhost/foo.txt
[Options]
location: true

We should disallow at runtime any none HTTP/HTTPS transfer (for instance, is during redirection a header Location file:///tmp/foo.txt is sent. On the other hand, we shouldn't have any restriction on Location header value (could be file:///tmp/foo.txt if we don't follow redirection).

Related to #3293