Support redirectUrl at onHeadersReceived in WebRequest / DWR API

net/url_request/url_request_http_job.cc

Index: net/url_request/url_request_http_job.cc
diff --git a/net/url_request/url_request_http_job.cc b/net/url_request/url_request_http_job.cc
index 947686cb9f2d9184310d031780b0c46fb5265d62..40a16088f7109e7e29342528b2fa7528edfe317a 100644
--- a/net/url_request/url_request_http_job.cc
+++ b/net/url_request/url_request_http_job.cc
@@ -805,11 +805,14 @@ void URLRequestHttpJob::OnStartCompleted(int result) {
       // |on_headers_received_callback_| or
       // |NetworkDelegate::URLRequestDestroyed()| has been called.
       OnCallToDelegate();
+      if (!allowed_unsafe_redirect_url_.is_empty())
+        allowed_unsafe_redirect_url_ = GURL();

[mmenke, 2014/03/21 18:15:04]

Should just always clear it here.  Code size and readability matter more here.

[robwu, 2014/03/25 00:04:00]

Done.

       int error = network_delegate()->NotifyHeadersReceived(
           request_,
           on_headers_received_callback_,
           headers.get(),
-          &override_response_headers_);
+          &override_response_headers_,
+          &allowed_unsafe_redirect_url_);
       if (error != net::OK) {
         if (error == net::ERR_IO_PENDING) {
           awaiting_callback_ = true;
@@ -1037,6 +1040,15 @@ bool URLRequestHttpJob::IsSafeRedirect(const GURL& location) {
       (location.scheme() == "http" || location.scheme() == "https")) {
     return true;
   }
+  // Delegates may mark an URL as safe for redirection.
+  if (allowed_unsafe_redirect_url_.is_valid()) {
+    GURL::Replacements replacements;
+    replacements.ClearRef();
+    if (allowed_unsafe_redirect_url_.ReplaceComponents(replacements) ==
+        location.ReplaceComponents(replacements)) {
+      return true;
+    }
+  }
   // Query URLRequestJobFactory as to whether |location| would be safe to
   // redirect to.
   return request_->context()->job_factory() &&