Secrets and Logging / Stringifying

[SchlenkR]

When transforming requests / responses to string, secrets (like values from Authorization headers, and maybe others) could be omitted or rendered with ****

• could be a configurable aspect (on/off)
• the headers to which that behaviour applies could also be configurable

See discussion here: #195