adding health warning about insecure protocols for LOAD CSV

modules/ROOT/pages/clauses/load-csv.adoc

@@ -90,6 +90,12 @@ You can import data from a CSV file hosted on a remote path.
 `LOAD CSV` supports accessing CSV files via HTTPS, HTTP, and FTP (with or without credentials).
 It also follows redirects, except those changing the protocol (for security reasons).
 
+[IMPORTANT]
+====
+It strongly recommended to only allow secure protocols like HTTPS in favour of allowing insecure protocols like HTTP. If allowing an insecure protocol is completely unavoidable, then Neo4j internally takes some measures to make these requests as secure as possible within their limitations. However, this means that insecure URLs which are located somewhere which uses virtual hosting will not work. The only way to load an insecure resource from a virtually hosted URL is to add the JVM argument `-Dsun.net.http.allowRestrictedHeaders=true` to the link:{neo4j-docs-base-uri}/operations-manual/{page-version}/configuration/configuration-settings/#config_server.jvm.additional/[jvm.additional]  config setting. For the sake of security, it is strongly recommended that this be avoided at all cost and that you only permit loading of resources over secure protocols. This can be achieved by limiting link:{neo4j-docs-base-uri}/operations-manual/{page-version}/authentication-authorization/load-privileges/#access-control-load-cidr/[load privileges] to trusted sources that use secure protocols.
+====
+
+
 .Import artists name and year information from a remote file via HTTPS
 ====