Fixes #301, by aligning with the 3/4 browser majority and checking the
type of the completion value, turning non-strings and thrown errors into
204s. (Thrown errors are still reported, however.)
While working on this algorithm, we fix #945 by copying the HTTPS state
This also does some minor cleanup to clarify that "run a classic script"
returns undefined when scripting is disabled.
#1129 was opened to track a remaining open issue discovered, which is
exactly how the JS string completion value becomes a response body. For
now the spec includes a warning saying that this is underspecified.