I noticed that PHP likes to handle and free basic auth parameters internally (see here and here). This PR changes it so the basic auth header is forwarded to PHP instead of resolving it in go.

I suspect that this might fix some crashes in shutdown functions (like #2121 and #1841) since it allows us freeing the request_info after shutdown is finished. I haven't been able to reproduce these crashes yet though.