Do not cache Strict-Transport-Security and Public-Key-Pins headers.

This stops them from being honored (since they are absent) when loading
pages from cache. These headers should only take effect on live, error-free
HTTPS connections.

BUG=110817
TEST=net_unittests, HTTPSRequestTest.HTTPSErrorsNoClobberTSSTest

Review URL: http://codereview.chromium.org/9233026

git-svn-id: svn://svn.chromium.org/chrome/trunk/src@121747 0039d316-1c4b-4281-b951-d872f2087c98

1 files changed, 13 insertions, 1 deletions

diff --git a/net/http/http_response_headers_unittest.cc b/net/http/http_response_headers_unittest.cc
index eec259a..775946c 100644
--- a/net/http/http_response_headers_unittest.cc
+++ b/net/http/http_response_headers_unittest.cc
@@ -1,4 +1,4 @@
-// Copyright (c) 2011 The Chromium Authors. All rights reserved.
+// Copyright (c) 2012 The Chromium Authors. All rights reserved.
 // Use of this source code is governed by a BSD-style license that can be
 // found in the LICENSE file.
 
@@ -452,6 +452,18 @@ TEST(HttpResponseHeadersTest, Persist) {
       "Content-Length: 450\n"
       "Content-Encoding: gzip\n"
     },
+    // Test filtering of transport security state headers.
+    { net::HttpResponseHeaders::PERSIST_SANS_SECURITY_STATE,
+      "HTTP/1.1 200 OK\n"
+      "Strict-Transport-Security: max-age=1576800\n"
+      "Bar: 1\n"
+      "Public-Key-Pins: max-age=100000; "
+          "pin-sha1=\"ObT42aoSpAqWdY9WfRfL7i0HsVk=\";"
+          "pin-sha1=\"7kW49EVwZG0hSNx41ZO/fUPN0ek=\"",
+
+      "HTTP/1.1 200 OK\n"
+      "Bar: 1\n"
+    },
   };
 
   for (size_t i = 0; i < ARRAYSIZE_UNSAFE(tests); ++i) {