appsec: support server.response.headers.no_cookies WAF address

[eliottness]

What does this PR do?

Adds a field to HandlerOperationRes in appsec/internal/dyngo/instrumentation/httpsec/http.go for response headers and send them to the WAF in appsec/internal/waf.go

Motivation

API Security is around the corner and we need to build support schemas for user responses. As such, two new addresses were created:

• server.response.headers.no_cookies
• server.response.body

This PR does half the job since the second address will be tricker to implement.

Reviewer's Checklist

• Changed code has unit tests for its functionality at or near 100% coverage.
• There is a benchmark for any new code, or changes to existing code.
• If this interacts with the agent in a new way, a system test has been added.

For Datadog employees:

• If this PR touches code that handles credentials of any kind, such as Datadog API keys, I've requested a review from @DataDog/security-design-and-guidance.
• This PR doesn't touch any of that.

Unsure? Have a question? Request a review!

[pr-commenter]

Benchmarks

Benchmark execution time: 2023-11-22 09:51:29

Comparing candidate commit e15864a in PR branch eliott.bouhana/APPSEC-11880/response-no-cookies with baseline commit 9cf50b3 in branch main.

Found 0 performance improvements and 0 performance regressions! Performance is the same for 40 metrics, 1 unstable metrics.

[eliottness]

System Tests Pipeline https://github.com/DataDog/dd-trace-go/actions/runs/6904287826

[Hellzy]

LGTM 👍