That said...You could just use corkscrew.
https://wiki.archlinux.org/index.php/HTTP_tunneling
Corkscrew + SSH has been helping individuals escape restrictive corporate networks for years.
Pretty sure SSH for remote server on port 443 plus corkscrew offers more than this solution. (Socks proxy, etc. Very flexible. No need for DNS muckery you would need with this solutions example etc.)
It's encrypted so firewalls shouldn't be able to tell the difference.
I would indeed find it surprising if any commercial firewalls distinguish websockets over TLS versus raw bytes over TLS. Not that it's impossible, but I wouldn't think it would be done commercially.
