Support redirectUrl at onHeadersReceived in WebRequest / DWR API

net/http/http_response_headers.cc

 // Copyright (c) 2012 The Chromium Authors. All rights reserved.
 // Use of this source code is governed by a BSD-style license that can be
 // found in the LICENSE file.
 
 // The rules for header parsing were borrowed from Firefox:
 // http://lxr.mozilla.org/seamonkey/source/netwerk/protocol/http/src/nsHttpResponseHead.cpp
 // The rules for parsing content-types were also borrowed from Firefox:
 // http://lxr.mozilla.org/mozilla/source/netwerk/base/src/nsURLHelper.cpp#834
 
 #include "net/http/http_response_headers.h"
@@ skipping 881 matching lines @@
 // static
 bool HttpResponseHeaders::IsRedirectResponseCode(int response_code) {
   // Users probably want to see 300 (multiple choice) pages, so we don't count
   // them as redirects that need to be followed.
   return (response_code == 301 ||
           response_code == 302 ||
           response_code == 303 ||
           response_code == 307);
 }
 
+void HttpResponseHeaders::SetSafeRedirect(GURL new_url) {
+  DCHECK(new_url.is_valid());
+  // Replace the status line and Location header
+  std::string new_raw_headers("HTTP/1.1 307 Temporary Redirect");
+  new_raw_headers.push_back('\0');
+  new_raw_headers.append("Location: " + new_url.spec());
+  new_raw_headers.push_back('\0');
+
+  HeaderSet to_remove;
+  to_remove.insert("location");
+
+  MergeWithHeaders(new_raw_headers, to_remove);
+
+  allowed_unsafe_redirect_url_ = new_url;
+}
+
+bool HttpResponseHeaders::IsSafeRedirect(const GURL& location) const {
+  if (allowed_unsafe_redirect_url_.is_valid()) {
+    GURL::Replacements replacements;
+    replacements.ClearRef();

[mmenke, 2014/03/20 16:13:32]

Hrm...  Is this needed?

[robwu, 2014/03/20 16:21:11]

Yes, URLRequestJob::NotifyHeadersComplete() copies the ref from the original URL
to the redirect URL if the redirect target has no # part.

[mmenke, 2014/03/20 16:40:28]

Thanks for the pointer!  Then we should clear the ref on
allowed_unsafe_redirect_url_ as well (Since the forced redirect may have a ref,
and we can't rely on the caller to know it should be removed).

Should have some more tests for this logic.

Suggested cases:
* First url has ref, redirect and allowed_unsafe_redirect_url_ doesn't have a
ref.
* First url has no ref, redirect and allowed_unsafe_redirect_url_ have a ref
* First url has a ref, redirect and allowed_unsafe_redirect_url_ have a
different ref

[robwu, 2014/03/20 17:28:14]

The ref is already cleared on both URLs.
Will add.

+    return location.ReplaceComponents(replacements) ==
+        allowed_unsafe_redirect_url_.ReplaceComponents(replacements);
+  }
+  return false;
+}
+bool HttpResponseHeaders::HasSafeRedirect() const {
+  return allowed_unsafe_redirect_url_.is_valid();
+}
+
 // From RFC 2616 section 13.2.4:
 //
 // The calculation to determine if a response has expired is quite simple:
 //
 //   response_is_fresh = (freshness_lifetime > current_age)
 //
 // Of course, there are other factors that can force a response to always be
 // validated or re-fetched.
 //
 bool HttpResponseHeaders::RequiresValidation(const Time& request_time,
@@ skipping 528 matching lines @@
   iter = NULL;
   while (EnumerateHeader(&iter, "via", &value))
     if (value == kDeprecatedChromeProxyViaValue)
       return true;
 
   return false;
 }
 #endif  // defined(SPDY_PROXY_AUTH_ORIGIN)
 
 }  // namespace net