Adding CORB protection UMA metrics (part 4): Sniffing!

With this change sensitive resources (i.e. resources satisfying either
the CORS or cache heuristics) will be sniffed if necessary when we
check if they would have been protected from cross-origin requests.
Previously if sniffing was needed we simply reported kNeedToSniffMore.

Note that this change will result in CORB sniffing additional
resources. However only sensitive, same-origin resources will be
impacted. Additionally, this change includes a CORBProtectionSniffing
feature which will act as a kill-switch in the event we need to quickly
turn off this additional sniffing.


Bug: 815290
Change-Id: I32ee946176e00df329542f26244b25eb6596fd3f
Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/1680988
Reviewed-by: Reilly Grant <reillyg@chromium.org>
Reviewed-by: Charlie Reis <creis@chromium.org>
Reviewed-by: Ɓukasz Anforowicz <lukasza@chromium.org>
Commit-Queue: Kristina Nelson <krstnmnlsn@google.com>
Cr-Commit-Position: refs/heads/master@{#676699}
6 files changed