Strict mode (ForceManaged: 1) does not work if repository is redirecting to CDN with 301 code. Feature request: make this possible.

I need strict mode to comply to PCI DSS requirements: allow using only explicitly listed repositories.

Some apt repositories, like packages.gitlab.com, use CND to distribute content. 301 code is returned pointing to some CDN host, for example:

https://packages.gitlab.com/gitlab/gitlab-ce/ubuntu/dists/xenial/Release goes to

https://d20rj4el6vkp4c.cloudfront.net/7/8/ubuntu/dists/xenial/Release?t=1561560284_b750caae01c89c0887b4eb67302001838be632e5

Every time they use a new host, so I can not write it to Remap directive.

Adding option to cache content from 301 redirects, returning it to client as original file, not showing redirection, would solve this problem.