SetHeader should replace entries with the same key

[lihe07]

The original SetHeader only appends the key-value pair to the end of headers list. The name SetHeader is therefore misleading.

Adding header to the end sometimes won't have the same effect as replacing the header. For example, if the original response has these headers:

Access-Control-Allow-Origin: https://example.com
Access-Control-Allow-Credentials: true

And after the following operations:

h.Response.SetHeader("Access-Control-Allow-Origin", "https://example.com")

The browser will complain about: The 'Access-Control-Allow-Origin' header contains multiple values 'https://example.com, https://example.com', but only one is allowed.

This PR changes the behavior of SetHeader to replace the value of the header if it exists. If the header does not exist, it will be appended to the end of the headers list.

Also, if one writes:

h.Response.SetHeader(
  "My-Header", "a",
  "My-Header", "b",
)

Only the last value will be kept.

[ysmood]

Could you also add a AddHeader function?

[lihe07]

Could you also add a AddHeader function?

Sure! It's there now.

[lihe07]

Sorry about that. Forgot to check CI.