Perform redirect checks before OnReceivedRedirect in //net.

net/url_request/url_request.cc

 // Copyright (c) 2012 The Chromium Authors. All rights reserved.
 // Use of this source code is governed by a BSD-style license that can be
 // found in the LICENSE file.
 
 #include "net/url_request/url_request.h"
 
 #include <utility>
 
 #include "base/bind.h"
 #include "base/bind_helpers.h"
@@ skipping 899 matching lines @@
 
   load_timing_info_ = LoadTimingInfo();
   load_timing_info_.request_start_time = response_info_.request_time;
   load_timing_info_.request_start = base::TimeTicks::Now();
 
   status_ = URLRequestStatus();
   is_pending_ = false;
   proxy_server_ = ProxyServer();
 }
 
-int URLRequest::Redirect(const RedirectInfo& redirect_info) {
-  // Matches call in NotifyReceivedRedirect.
+void URLRequest::Redirect(const RedirectInfo& redirect_info) {
+  // This method always succeeds. Whether |job_| is allowed to redirect to
+  // |redirect_info| is checked in URLRequestJob::CanFollowRedirect, before
+  // NotifyReceivedRedirect. This means the delegate can assume that, if it
+  // accepted the redirect, future calls to OnResponseStarted correspond to
+  // |redirect_info.new_url|.
   OnCallToDelegateComplete();
   if (net_log_.IsCapturing()) {
     net_log_.AddEvent(
         NetLogEventType::URL_REQUEST_REDIRECTED,
         NetLog::StringCallback("location",
                                &redirect_info.new_url.possibly_invalid_spec()));
   }
 
   if (network_delegate_)
     network_delegate_->NotifyBeforeRedirect(this, redirect_info.new_url);
 
-  if (redirect_limit_ <= 0) {
-    DVLOG(1) << "disallowing redirect: exceeds limit";
-    return ERR_TOO_MANY_REDIRECTS;
-  }
-
-  if (!redirect_info.new_url.is_valid())
-    return ERR_INVALID_URL;
-
-  if (!job_->IsSafeRedirect(redirect_info.new_url)) {
-    DVLOG(1) << "disallowing redirect: unsafe protocol";
-    return ERR_UNSAFE_REDIRECT;
-  }
-
   if (!final_upload_progress_.position() && upload_data_stream_)
     final_upload_progress_ = upload_data_stream_->GetUploadProgress();
   PrepareToRestart();
 
   if (redirect_info.new_method != method_) {
     // TODO(davidben): This logic still needs to be replicated at the consumers.
     if (method_ == "POST") {
       // If being switched from POST, must remove Origin header.
       // TODO(jww): This is Origin header removal is probably layering violation
       // and
@@ skipping 34 matching lines @@
 
   referrer_ = redirect_info.new_referrer;
   referrer_policy_ = redirect_info.new_referrer_policy;
   first_party_for_cookies_ = redirect_info.new_first_party_for_cookies;
   token_binding_referrer_ = redirect_info.referred_token_binding_host;
 
   url_chain_.push_back(redirect_info.new_url);
   --redirect_limit_;
 
   Start();
-  return OK;
 }
 
 const URLRequestContext* URLRequest::context() const {
   return context_;
 }
 
 int64_t URLRequest::GetExpectedContentSize() const {
   int64_t expected_content_size = -1;
   if (job_.get())
     expected_content_size = job_->expected_content_size();
@@ skipping 205 matching lines @@
     out->clear();
 }
 
 void URLRequest::set_status(URLRequestStatus status) {
   DCHECK(status_.is_io_pending() || status_.is_success() ||
          (!status.is_success() && !status.is_io_pending()));
   status_ = status;
 }
 
 }  // namespace net