akka-tracing
Play!: Expose application filter to exclude fields in trace
At present all query parameters and headers are added to the trace. This introduces a security risk if some of those fields contain sensitive information, e.g. authentication tokens.
To mitigate this, enable query fields or header fields to be excluded from the trace (or at least masked with a dummy value) by the hosting application.
I think this will be simple to achieve by adding configurable filters to akka.tracing.play.TracingSettings which can be applied in addHttpAnnotations.
(I will try and implement this week)
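
A sketch of the kind of filter proposed above, as an added example that is not code from the issue author or from akka-tracing. `TraceFieldFilter` and its fields are hypothetical names; the maps use the `Map[String, Seq[String]]` shape that Play exposes as `request.queryString` and `request.headers.toMap`.

```scala
import java.util.Locale

// Hypothetical filter type (not part of akka-tracing): the hosting application
// lists the fields that must never reach a trace annotation in clear text.
final case class TraceFieldFilter(
    excludedQueryParams: Set[String] = Set.empty,
    excludedHeaders: Set[String] = Set.empty,  // header names are case-insensitive
    maskedValue: Option[String] = Some("***")  // None drops the field entirely
) {
  private val headerNames = excludedHeaders.map(_.toLowerCase(Locale.ROOT))

  private def applyTo(
      fields: Map[String, Seq[String]],
      isExcluded: String => Boolean
  ): Map[String, Seq[String]] = maskedValue match {
    // Mask: keep the field name so the trace still shows it was present.
    case Some(mask) =>
      fields.map { case (name, values) =>
        if (isExcluded(name)) name -> values.map(_ => mask) else name -> values
      }
    // Exclude: remove the field from the trace altogether.
    case None =>
      fields.filterNot { case (name, _) => isExcluded(name) }
  }

  def filterQuery(query: Map[String, Seq[String]]): Map[String, Seq[String]] =
    applyTo(query, name => excludedQueryParams.contains(name))

  def filterHeaders(headers: Map[String, Seq[String]]): Map[String, Seq[String]] =
    applyTo(headers, name => headerNames.contains(name.toLowerCase(Locale.ROOT)))
}

object TraceFieldFilterDemo extends App {
  // Constructed sample request data.
  val query   = Map("page" -> Seq("2"), "access_token" -> Seq("s3cr3t"))
  val headers = Map(
    "Accept"        -> Seq("application/json"),
    "authorization" -> Seq("Bearer abc.def.ghi") // lower-case on purpose
  )

  val filter = TraceFieldFilter(Set("access_token"), Set("Authorization", "Cookie"))

  println(filter.filterQuery(query))     // access_token value replaced by ***
  println(filter.filterHeaders(headers)) // authorization masked despite case difference
  println(filter.copy(maskedValue = None).filterHeaders(headers)) // authorization removed
}
```

The filtered maps are what would be turned into annotations, so the original values never reach the tracing backend.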