Allow override of metrics URL in client for security

[snarlysodboxer]

Some use cases require being able to protect against a bad actor on the proxy side. E.G. someone with access to the proxy could send valid yet malicious requests through the client, defeating the purpose of the network barrier.

For example, if I run node-exporter and mysql on the same machine, running the client on that machine would allow access to mysql by a compromised prometheus environment. I think many people's security requirements won't allow that.

How do you feel about a patch that adds a backwards compatible --override-url option to the client?

#41 has no feedback, thus creating this issue.

[brian-brazil]

It'd expected that you'll protect the proxy. The whole purpose of this application is to get around network obstacles.