Isolate SPDY and HTTP Keep-Alive to top-level domain
We need to prevent 3rd party domains from being able to correlate activity using HTTP Keep-Alive connections. We limited this linkability in legacy/trac#4603 (closed), but we should solve it entirely, if we can.