Add support for username / password auth in URLs to external CONNECT proxies

[pspieker-stripe]

Tested with:

go test -v -run ^TestCONNECTProxyACLs/Allows_an_approved_proxy_when_the_X-Upstream-Https-Proxy_header_is_set$

One note - subdomains are still denied if not explicitly allowed on the ACL! So

https://param1_username-param2-param3:[email protected]:12345

may be allowed while:

https://param1_username-param2-param3:[email protected]:12345

Testing

Manually tested as in below!