Disable access to critical CGIs via untrusted referrers.

Disable access to critical CGIs via untrusted referrers.
This prevents users from being tricked by malicious websites
into making unintentional configuration changes:

 - Added flag to each cgi_dispatcher that allows or denies
   external linking
 - Introduced proviorical function that greps for the
   referrer header before regular header parsing happens
 - Added safety check to dispatch_known_cgi. CGI is called
   if (cgi harmless || no referrer || we are referrer).
   Else a) toggle calls are modified not to change status and
   b) all other calls are denied.