Process Public-Key-Pin-Report-Only headers

net/http/transport_security_state.h

 // Copyright (c) 2012 The Chromium Authors. All rights reserved.
 // Use of this source code is governed by a BSD-style license that can be
 // found in the LICENSE file.
 
 #ifndef NET_HTTP_TRANSPORT_SECURITY_STATE_H_
 #define NET_HTTP_TRANSPORT_SECURITY_STATE_H_
 
 #include <stdint.h>
 
 #include <map>
@@ skipping 281 matching lines @@
                bool include_subdomains);
 
   // Adds explicitly-specified data as if it was processed from an
   // HPKP header (used for net-internals and unit tests).
   void AddHPKP(const std::string& host,
                const base::Time& expiry,
                bool include_subdomains,
                const HashValueVector& hashes,
                const GURL& report_uri);
 
+  // Parses |value| as a Public-Key-Pins-Report-Only header value and
+  // sends a HPKP report for |host_port_pair| if |ssl_info| violates the
+  // pin. Returns true if |value| parses and includes a valid
+  // report-uri, and false otherwise.
+  bool ProcessHPKPReportOnlyHeader(const std::string& value,
+                                   const HostPortPair& host_port_pair,
+                                   const SSLInfo& ssl_info);
+
   // Returns true iff we have any static public key pins for the |host| and
   // iff its set of required pins is the set we expect for Google
   // properties.
   //
   // If |host| matches both an exact entry and is a subdomain of another
   // entry, the exact match determines the return value.
   static bool IsGooglePinnedProperty(const std::string& host);
 
   // The maximum number of seconds for which we'll cache an HSTS request.
   static const long int kMaxHSTSAgeSecs;
@@ skipping 70 matching lines @@
 
   // True if static pins should be used.
   bool enable_static_pins_;
 
   DISALLOW_COPY_AND_ASSIGN(TransportSecurityState);
 };
 
 }  // namespace net
 
 #endif  // NET_HTTP_TRANSPORT_SECURITY_STATE_H_