Store dynamic Expect-CT state
This CL begins to implement the Expect-CT HTTP header (draft spec at
https://tools.ietf.org/html/draft-ietf-httpbis-expect-ct-00). It adds:
- a map to TransportSecurityState to track dynamically enabled Expect-CT
hosts, mirroring how dynamic HPKP and HSTS state is stored.
- corresponding TransportSecurityState methods for adding, updating,
and retrieving dynamic Expect-CT state.
- fields to the pre-existing TransportSecurityState::ExpectCTState struct
needed to implement the spec (in particular, an |enforce| boolean and
dates for implementing max-age). The ExpectCTState struct has up
until now only been used for implementing Chrome's experimental
preload-list-only version of Expect-CT, which is report-only and does
not have an enforcement mode, nor a dynamic version.
(I2I at https://groups.google.com/a/chromium.org/d/msg/blink-dev/tgn5R-58iek/Q6YCnu0RFQAJ)
BUG=679012
Review-Url: https://codereview.chromium.org/2747173005
Cr-Commit-Position: refs/heads/master@{#465077}
3 files changed