Support redirectUrl at onHeadersReceived in WebRequest / DWR API

chrome/browser/extensions/api/web_request/web_request_api_helpers.cc

 // Copyright (c) 2012 The Chromium Authors. All rights reserved.
 // Use of this source code is governed by a BSD-style license that can be
 // found in the LICENSE file.
 
 #include "chrome/browser/extensions/api/web_request/web_request_api_helpers.h"
 
 #include <cmath>
 
 #include "base/bind.h"
 #include "base/strings/string_number_conversions.h"
@@ skipping 306 matching lines @@
       }
     }
   }
   return result;
 }
 
 EventResponseDelta* CalculateOnHeadersReceivedDelta(
     const std::string& extension_id,
     const base::Time& extension_install_time,
     bool cancel,
+    const GURL& new_url,
     const net::HttpResponseHeaders* old_response_headers,
     ResponseHeaders* new_response_headers) {
   EventResponseDelta* result =
       new EventResponseDelta(extension_id, extension_install_time);
   result->cancel = cancel;
+  result->new_url = new_url;
 
   if (!new_response_headers)
     return result;
 
   // Find deleted headers (header keys are treated case insensitively).
   {
     void* iter = NULL;
     std::string name;
     std::string value;
     while (old_response_headers->EnumerateHeaderLines(&iter, &name, &value)) {
@@ skipping 54 matching lines @@
     if ((*i)->cancel) {
       *canceled = true;
       net_log->AddEvent(
           net::NetLog::TYPE_CHROME_EXTENSION_ABORTED_REQUEST,
           CreateNetLogExtensionIdCallback(i->get()));
       break;
     }
   }
 }
 
-// Helper function for MergeOnBeforeRequestResponses() that allows ignoring
+// Helper function for MergeRedirectUrlOfResponses() that allows ignoring
 // all redirects but those to data:// urls and about:blank. This is important
 // to treat these URLs as "cancel urls", i.e. URLs that extensions redirect
 // to if they want to express that they want to cancel a request. This reduces
 // the number of conflicts that we need to flag, as canceling is considered
 // a higher precedence operation that redirects.
 // Returns whether a redirect occurred.
-static bool MergeOnBeforeRequestResponsesHelper(
+static bool MergeRedirectUrlOfResponsesHelper(
     const EventResponseDeltas& deltas,
     GURL* new_url,
     extensions::ExtensionWarningSet* conflicting_extensions,
     const net::BoundNetLog* net_log,
     bool consider_only_cancel_scheme_urls) {
   bool redirected = false;
 
   // Extension that determines the |new_url|.
   std::string winning_extension_id;
   EventResponseDeltas::const_iterator delta;
@@ skipping 21 matching lines @@
               (*delta)->new_url,
               *new_url));
       net_log->AddEvent(
           net::NetLog::TYPE_CHROME_EXTENSION_IGNORED_DUE_TO_CONFLICT,
           CreateNetLogExtensionIdCallback(delta->get()));
     }
   }
   return redirected;
 }
 
-void MergeOnBeforeRequestResponses(
+void MergeRedirectUrlOfResponses(
     const EventResponseDeltas& deltas,
     GURL* new_url,
     extensions::ExtensionWarningSet* conflicting_extensions,
     const net::BoundNetLog* net_log) {
 
   // First handle only redirects to data:// URLs and about:blank. These are a
   // special case as they represent a way of cancelling a request.
-  if (MergeOnBeforeRequestResponsesHelper(
+  if (MergeRedirectUrlOfResponsesHelper(
           deltas, new_url, conflicting_extensions, net_log, true)) {
     // If any extension cancelled a request by redirecting to a data:// URL or
     // about:blank, we don't consider the other redirects.
     return;
   }
 
   // Handle all other redirects.
-  MergeOnBeforeRequestResponsesHelper(
+  MergeRedirectUrlOfResponsesHelper(
       deltas, new_url, conflicting_extensions, net_log, false);
 }
 
+void MergeOnBeforeRequestResponses(
+    const EventResponseDeltas& deltas,
+    GURL* new_url,
+    extensions::ExtensionWarningSet* conflicting_extensions,
+    const net::BoundNetLog* net_log) {
+  MergeRedirectUrlOfResponses(deltas, new_url, conflicting_extensions, net_log);
+}
+
 // Assumes that |header_value| is the cookie header value of a HTTP Request
 // following the cookie-string schema of RFC 6265, section 4.2.1, and returns
 // cookie name/value pairs. If cookie values are presented in double quotes,
 // these will appear in |parsed| as well. We can assume that the cookie header
 // is written by Chromium and therefore, well-formed.
 static void ParseRequestCookieLine(
     const std::string& header_value,
     ParsedRequestCookies* parsed_cookies) {
   std::string::const_iterator i = header_value.begin();
   while (i != header_value.end()) {
@@ skipping 608 matching lines @@
         return (*delta)->extension_id;
     }
   }
   return std::string();
 }
 
 void MergeOnHeadersReceivedResponses(
     const EventResponseDeltas& deltas,
     const net::HttpResponseHeaders* original_response_headers,
     scoped_refptr<net::HttpResponseHeaders>* override_response_headers,
+    GURL* allowed_unsafe_redirect_url,
     extensions::ExtensionWarningSet* conflicting_extensions,
     const net::BoundNetLog* net_log) {
   EventResponseDeltas::const_iterator delta;
 
   // Here we collect which headers we have removed or added so far due to
   // extensions of higher precedence. Header keys are always stored as
   // lower case.
   std::set<ResponseHeader> removed_headers;
   std::set<ResponseHeader> added_headers;
 
@@ skipping 61 matching lines @@
               (*delta)->extension_id, winning_extension_id,
               conflicting_header));
       net_log->AddEvent(
           net::NetLog::TYPE_CHROME_EXTENSION_IGNORED_DUE_TO_CONFLICT,
           CreateNetLogExtensionIdCallback(delta->get()));
     }
   }
 
   MergeCookiesInOnHeadersReceivedResponses(deltas, original_response_headers,
       override_response_headers, conflicting_extensions, net_log);
+
+  GURL new_url;
+  MergeRedirectUrlOfResponses(
+      deltas, &new_url, conflicting_extensions, net_log);
+  if (new_url.is_valid()) {
+    // Only create a copy if we really want to modify the response headers.
+    if (override_response_headers->get() == NULL) {
+      *override_response_headers = new net::HttpResponseHeaders(
+          original_response_headers->raw_headers());
+    }
+    (*override_response_headers)->ReplaceStatusLine("HTTP/1.1 302 Found");
+    (*override_response_headers)->RemoveHeader("location");
+    (*override_response_headers)->AddHeader("Location: " + new_url.spec());
+    // Explicitly mark the URL as safe for redirection, to prevent the request
+    // from being blocked because of net::ERR_UNSAFE_REDIRECT.
+    *allowed_unsafe_redirect_url = new_url;
+  }
 }
 
 bool MergeOnAuthRequiredResponses(
     const EventResponseDeltas& deltas,
     net::AuthCredentials* auth_credentials,
     extensions::ExtensionWarningSet* conflicting_extensions,
     const net::BoundNetLog* net_log) {
   CHECK(auth_credentials);
   bool credentials_set = false;
   std::string winning_extension_id;
@@ skipping 92 matching lines @@
   return net::HttpUtil::IsToken(name);
 }
 
 bool IsValidHeaderValue(const std::string& value) {
   // Just a sanity check: disallow NUL and CRLF.
   return value.find('\0') == std::string::npos &&
       value.find("\r\n") == std::string::npos;
 }
 
 }  // namespace extension_web_request_api_helpers