Update flashlight to pass as is HTTP responses with certain 4xx status codes

[atavism]

In flashlight's proxied package, the dual fetcher--that executes HTTP requests using both chained and fronted servers--treats 4xx client error HTTP response codes--like 400 Bad Request and 401 Unauthorized--as requests that fail from being unable to connect to an upstream proxy. The relevant area of the code is here: https://github.com/getlantern/flashlight/blob/devel/proxied/proxied.go#L283

The reason the client 4xx error responses aren't passed as is already is because our fronted servers return a 403 forbidden error whenever we encounter a masquerade host on which domain fronting doesn't work and we were unable to differentiate between them.

Since the fronted servers only 403 errors, however, we can filter and pass as is 400 and 401 HTTP responses (since these typically signal client errors like the user entering invalid credentials)

[atavism]

Marking as a draft for now. From @oxtoacart on Slack:

thinking about this a bit - a more reliable solution might be to have our servers return a header that identifies that the response came from us, much like Amazon’s servers do

if we see that header, we can always pass the response to the client no matter what the status code

So let's just do that instead