Handle WebSockets in filtered HTTP steal

[Razz4780]

When an UPGRADE request is detected and matched (against header or path), need to steal the current TCP connection completely. Relevant piece of code here

Edit: I found it very hard to navigate in the agent::steal module. I don't want to add more special cases and channels there, also spotted 3 bugs. Also, adjusting stuff to allow switching from http connection to raw tcp connection is not trivial. This time I'm gonna do series of smaller PR's to do this

• [ ] #2213
• [ ] ... (more work with steal module)
• [ ] #2214
• [x] #2224

[aviramha]

Edited OP to mention that only matched UPGRADE would make the whole connection stolen.