patch(core/url): Throw if VERDACCIO_FORWARDED_PROTO resolves to an array

[Tobbe]

requestOptions.headers are of type IncomingHttpHeaders. This is a dictionary whose values can be string | string[] | undefined. Looking at all the keys we can see that only "set-cookie?" allows a value of type string[].

requestOptions.headers is used like this: requestOptions.headers[protoHeader]. So only if protoHeader has the value "set-cookie" can the returned value ever be an array. For all other values it's either going to be undefined or a string. So only for "set-cookie" will this code ever potentially throw this new error that is added in this PR.

So. If for some very very weird reason 🙃 some user of Verdaccio has configured VERDACCIO_FORWARDED_PROTO to have the value "set-cookie" this is before and after this PR:

Before:
forwardedProtocolHeaderValue is an array of strings. This is passed to getWebProtocol. That function will in this case return requestOptions.protocol, which is the same behavior as if forwardedProtocolHeaderValue was undefined or an empty string. (So another option would be to just allow string arrays to be passed to getWebProtocol. Would you prefer that?)

After:
A (hopefully) helpful error is thrown, letting the user know they have most likely misconfigured their setup

[juanpicado]

LGTM