[acdha]

If the firewall has access to the traffic stream — say local “security” tool or a corporate managed environment — it can block the Upgrade header which attempts to turn the HTTP connection into a WebSocket. That's the kind of thing which doesn't affect a huge percentage of users but at Google's scale it's still a large number of people.

Re:McAfee, I wouldn't agree with the logic but I've heard people worry about data being tunneled out through new protocols which are harder to filter or used to establish some kind of a persistent control channel. In almost all cases this has high impact with little benefit unless you're filtering all other traffic strictly enough that malware can't use other common circumvention techniques.