Clear HTTP auth data on clearing browsing data

net/http/http_auth_cache.cc

Index: net/http/http_auth_cache.cc
diff --git a/net/http/http_auth_cache.cc b/net/http/http_auth_cache.cc
index 7a3a4e0f6714cb9b927af8d6c17fad4d0e8c12ae..84d1f02adacac607d8f07367067d0c4a5a59909e 100644
--- a/net/http/http_auth_cache.cc
+++ b/net/http/http_auth_cache.cc
@@ -252,8 +252,17 @@ bool HttpAuthCache::Remove(const GURL& origin,
   return false;
 }
 
-void HttpAuthCache::Clear() {
-  entries_.clear();
+void HttpAuthCache::Clear(base::Time delete_begin, base::Time delete_end) {

[asanka, 2016/07/12 17:50:32]

How feasible would it be to have the API be: void Clear(base::TimeDelta
duration) where any auth cache entry created within |duration| of
base::TimeTicks::Now() would be removed? It seems such an API would be
comparable in accuracy to what's being done here and would also be independent
of whether times are store in TimeTicks or Time.

[Tomasz Moniuszko, 2016/07/15 11:41:34]

Done.

+  DCHECK(!delete_end.is_null());
+
+  time_t begin_time = delete_begin.ToTimeT();
+  time_t end_time = delete_end.ToTimeT();
+  base::TimeTicks unix_epoch = base::TimeTicks::UnixEpoch();
+
+  entries_.remove_if([begin_time, end_time, unix_epoch](const Entry& entry) {
+    int64_t creation_time = (entry.creation_time_ - unix_epoch).InSeconds();
+    return creation_time >= begin_time && creation_time < end_time;
+  });
 }
 
 bool HttpAuthCache::UpdateStaleChallenge(const GURL& origin,