fix(net): honor Host header override by setting req.Host

[JordanWesolowski-Moodys]

Problem

Putting Host in a target's headers array has no effect on the wire. Go's net/http ignores req.Header.Set("Host", ...) — the value must be assigned to req.Host. The server sees the URL's hostname instead of the override.

This breaks a common probe pattern: hitting a load balancer directly (by ELB DNS or IP) while overriding Host for virtual-host routing on the backend (ingress controllers, ALB listener rules, nginx vhosts). curl --header 'Host: ...' supports it; updo did not match.

Repro

[[targets]]
name = "lb-direct"
url = "https://<elb-dns>/.well-known/openid-configuration"
headers = ["Host: service.example.com"]
skip_ssl = true

Before fix: backend returns 404 (routed by ELB hostname).
After fix: backend routes by overridden Host, returns 200.

Fix

In net/net.go makeHTTPRequest, detect Host case-insensitively in the headers loop and assign req.Host instead of req.Header.Set. Other headers unchanged. RequestHeaders still records the override so structured logs show what was sent.

for name, value := range options.Headers {
    if strings.EqualFold(name, "Host") {
        req.Host = value
    } else {
        req.Header.Set(name, value)
    }
    result.RequestHeaders.Set(name, value)
}

Test

New TestCheckWebsiteWithHostHeader in net/net_test.go — httptest server asserts r.Host matches the override and the result records it in RequestHeaders. Fails on current main, passes with patch.

Notes

• TLS SNI still derives from the URL hostname (Go stdlib behavior). Matches curl --insecure --header 'Host: ...'. Users hitting an LB by IP or mismatched DNS already need skip_ssl = true, same as with curl.
• No config schema change; existing headers array keeps working.

[pgagnidze]

Thanks for the fix, @JordanWesolowski-Moodys!