
HSTS policies retrieval API additions

Claudio Saavedra requested to merge hsts-policies-api into master

These two methods are used to implement the backend that allows WebKit to delete HSTS policies. This is a feature from WebKit's website data manager that allows a user to clean data from the browser, for privacy reasons. These methods are enough to fix #140 (closed).

The one thing I am not 100% convinced about is whether these methods are doing the right thing by returning session policies, as these are meant to be pre-loaded and non-expirable. Libsoup's HSTS feature never adds a session policy as a result of a response with an HSTS header; the only way a policy can be added as a session policy to an enforcer is programmatically, via the API. So I think the right thing would be for WebKit not to be able to delete session policies.

Perhaps a reasonable way to solve this would be to add an extra parameter to these methods, so that the user can decide if they want session policies too.
