Don't send Content-Type when redirecting from a POST....

net/url_request/url_request.cc

 // Copyright (c) 2006-2008 The Chromium Authors. All rights reserved.
 // Use of this source code is governed by a BSD-style license that can be
 // found in the LICENSE file.
 
 #include "net/url_request/url_request.h"
 
 #include "base/basictypes.h"
 #include "base/message_loop.h"
 #include "base/process_util.h"
 #include "base/singleton.h"
 #include "base/stats_counters.h"
+#include "base/string_util.h"
 #include "googleurl/src/gurl.h"
 #include "net/base/load_flags.h"
 #include "net/base/net_errors.h"
 #include "net/base/upload_data.h"
+#include "net/http/http_util.h"
 #include "net/url_request/url_request_job.h"
 #include "net/url_request/url_request_job_manager.h"
 
 #ifndef NDEBUG
 URLRequestMetrics url_request_metrics;
 #endif
 
 using base::Time;
 using net::UploadData;
 using std::string;
@@ skipping 261 matching lines @@
   DCHECK(job_);
 
   job_->ContinueDespiteLastError();
 }
 
 void URLRequest::OrphanJob() {
   job_->DetachRequest();  // ensures that the job will not call us again
   job_ = NULL;
 }
 
+// static
+std::string URLRequest::StripPostSpecificHeaders(const std::string& headers) {
+  // These are headers that may be attached to a POST.
+  static const char* const kPostHeaders[] = {
+      "content-type",
+      "content-length",
+      "origin"
+  };
+
+  std::string stripped_headers;
+  net::HttpUtil::HeadersIterator it(headers.begin(), headers.end(), "\r\n");
+  
+  while (it.GetNext()) {
+    bool is_post_specific = false;
+    for (size_t i = 0; i < ARRAYSIZE_UNSAFE(kPostHeaders); ++i) {
+      if (LowerCaseEqualsASCII(it.name_begin(), it.name_end(),
+                               kPostHeaders[i])) {
+        is_post_specific = true;
+        break;
+      }
+    }
+    if (!is_post_specific) {
+      // Assume that name and values are on the same line.
+      stripped_headers.append(it.name_begin(), it.values_end());
+      stripped_headers.append("\r\n");
+    }
+  }
+  return stripped_headers;
+}
+
 int URLRequest::Redirect(const GURL& location, int http_status_code) {
   // TODO(darin): treat 307 redirects of POST requests very carefully.  we
   // should prompt the user before re-submitting the POST body.
   DCHECK(!(method_ == "POST" && http_status_code == 307)) << "implement me!";
 
   if (redirect_limit_ <= 0) {
     DLOG(INFO) << "disallowing redirect: exceeds limit";
     return net::ERR_TOO_MANY_REDIRECTS;
   }
 
   if (!job_->IsSafeRedirect(location)) {
     DLOG(INFO) << "disallowing redirect: unsafe protocol";
     return net::ERR_UNSAFE_REDIRECT;
   }
 
   // NOTE: even though RFC 2616 says to preserve the request method when
   // following a 302 redirect, normal browsers don't do that.  instead, they
   // all convert a POST into a GET in response to a 302, and so shall we.
+  bool was_post = method_ == "POST";
   url_ = location;
   method_ = "GET";
   upload_ = 0;
   status_ = URLRequestStatus();
   --redirect_limit_;
 
+  if (was_post) {
+    // If being switched from POST to GET, must remove headers that were
+    // specific to the POST and don't have meaning in GET. For example
+    // the inclusion of a multipart Content-Type header in GET can cause
+    // problems with some servers:
+    // http://code.google.com/p/chromium/issues/detail?id=843
+    //
+    // TODO(eroman): It would be better if this data was structured into
+    // specific fields/flags, rather than a stew of extra headers.
+    extra_request_headers_ = StripPostSpecificHeaders(extra_request_headers_);
+  }
+
   if (!final_upload_progress_) {
     final_upload_progress_ = job_->GetUploadProgress();
   }
 
   OrphanJob();
 
   is_pending_ = false;
   Start();
   return net::OK;
 }
 
 int64 URLRequest::GetExpectedContentSize() const {
   int64 expected_content_size = -1;
   if (job_)
     expected_content_size = job_->expected_content_size();
 
   return expected_content_size;
 }