Preserve non-POST methods on 301/302 requests.

net/url_request/url_request.cc

Index: net/url_request/url_request.cc
===================================================================
--- net/url_request/url_request.cc	(revision 106911)
+++ net/url_request/url_request.cc	(working copy)
@@ -695,17 +695,29 @@
     return ERR_UNSAFE_REDIRECT;
   }
 
-  bool strip_post_specific_headers = false;
-  if (http_status_code != 307) {
-    // NOTE: Even though RFC 2616 says to preserve the request method when
-    // following a 302 redirect, normal browsers don't do that.  Instead, they
-    // all convert a POST into a GET in response to a 302 and so shall we.  For
-    // 307 redirects, browsers preserve the method.  The RFC says to prompt the
-    // user to confirm the generation of a new POST request, but IE omits this
-    // prompt and so shall we.
-    strip_post_specific_headers = method_ == "POST";
+  // NOTE: Even though RFC 2616 says to preserve the request method when
+  // following a 302 redirect, normal browsers don't do that.  Instead, they
+  // all convert a POST into a GET in response to a 302 and so shall we.  For
+  // 307 redirects, browsers preserve the method.  The RFC says to prompt the
+  // user to confirm the generation of a new requests, other than GET and HEAD
+  // requests, but IE omits these prompts and so shall we.
+  bool was_post = method_ == "POST";
+  bool rewrite_headers = true;

[willchan no longer on Chromium, 2011/10/25 15:38:32]

Julian Reschke sent me the following comments:
=====
- change "rewrite_headers" to "rewrite_method", and

- reverse the logic, so start with rewrite=false, and then switch to true for

 (status == 303 || was_post && (status == 301 || status == 302))
=====

I definitely agree with the first. The second I leave to your discretion, since
it's very much a matter of taste.

[mmenke, 2011/10/25 16:09:42]

I went ahead and did the second, which also allowed me to remove the
rewrite_method variable.

+  if (http_status_code == 307)
+    rewrite headers = false;
+  if ((http_status_code == 301 || http_status_code == 302) && !was_post)
+    rewrite_headers = false;
+  if (rewrite_headers) {
     method_ = "GET";
     upload_ = NULL;
+    if (was_post) {
+      // If being switched from POST to GET, must remove headers that were
+      // specific to the POST and don't have meaning in GET. For example
+      // the inclusion of a multipart Content-Type header in GET can cause
+      // problems with some servers:
+      // http://code.google.com/p/chromium/issues/detail?id=843
+      StripPostSpecificHeaders(&extra_request_headers_);
+    }
   }
 
   // Suppress the referrer if we're redirecting out of https.
@@ -715,15 +727,6 @@
   url_chain_.push_back(location);
   --redirect_limit_;
 
-  if (strip_post_specific_headers) {
-    // If being switched from POST to GET, must remove headers that were
-    // specific to the POST and don't have meaning in GET. For example
-    // the inclusion of a multipart Content-Type header in GET can cause
-    // problems with some servers:
-    // http://code.google.com/p/chromium/issues/detail?id=843
-    StripPostSpecificHeaders(&extra_request_headers_);
-  }
-
   if (!final_upload_progress_)
     final_upload_progress_ = job_->GetUploadProgress();