Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(1852)

Unified Diff: net/http/http_response_headers.cc

Issue 154473002: Support redirectUrl at onHeadersReceived in WebRequest / DWR API (Closed) Base URL: https://chromium.googlesource.com/chromium/src.git@master
Patch Set: Add more tests Created 6 years, 9 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View side-by-side diff with in-line comments
Download patch
Index: net/http/http_response_headers.cc
diff --git a/net/http/http_response_headers.cc b/net/http/http_response_headers.cc
index 0072976ada2e16891a487683d7c2ed1dd214be71..adc072b070877158a3bbcfa6a5c8a8b37ce06f15 100644
--- a/net/http/http_response_headers.cc
+++ b/net/http/http_response_headers.cc
@@ -899,6 +899,35 @@ bool HttpResponseHeaders::IsRedirectResponseCode(int response_code) {
response_code == 307);
}
+void HttpResponseHeaders::SetSafeRedirect(GURL new_url) {
+ DCHECK(new_url.is_valid());
+ // Replace the status line and Location header
+ std::string new_raw_headers("HTTP/1.1 307 Temporary Redirect");
+ new_raw_headers.push_back('\0');
+ new_raw_headers.append("Location: " + new_url.spec());
+ new_raw_headers.push_back('\0');
+
+ HeaderSet to_remove;
+ to_remove.insert("location");
+
+ MergeWithHeaders(new_raw_headers, to_remove);
+
+ allowed_unsafe_redirect_url_ = new_url;
+}
+
+bool HttpResponseHeaders::IsSafeRedirect(const GURL& location) const {
+ if (allowed_unsafe_redirect_url_.is_valid()) {
+ GURL::Replacements replacements;
+ replacements.ClearRef();
mmenke 2014/03/20 16:13:32 Hrm... Is this needed?
robwu 2014/03/20 16:21:11 Yes, URLRequestJob::NotifyHeadersComplete() copies
mmenke 2014/03/20 16:40:28 Thanks for the pointer! Then we should clear the
robwu 2014/03/20 17:28:14 The ref is already cleared on both URLs.
+ return location.ReplaceComponents(replacements) ==
+ allowed_unsafe_redirect_url_.ReplaceComponents(replacements);
+ }
+ return false;
+}
+bool HttpResponseHeaders::HasSafeRedirect() const {
+ return allowed_unsafe_redirect_url_.is_valid();
+}
+
// From RFC 2616 section 13.2.4:
//
// The calculation to determine if a response has expired is quite simple:

Powered by Google App Engine
This is Rietveld 408576698