Index: net/url_request/url_request_redirect_job.cc |
diff --git a/net/url_request/url_request_redirect_job.cc b/net/url_request/url_request_redirect_job.cc |
index 818d4c397ec5dee4a69c2116851eb283b5d71b70..b25f9076ce1cf5a79a8bfcbb012ceb5ab285714c 100644 |
--- a/net/url_request/url_request_redirect_job.cc |
+++ b/net/url_request/url_request_redirect_job.cc |
@@ -8,8 +8,10 @@ |
#include "base/compiler_specific.h" |
#include "base/logging.h" |
#include "base/message_loop/message_loop.h" |
+#include "base/strings/stringprintf.h" |
#include "net/base/load_timing_info.h" |
#include "net/base/net_log.h" |
+#include "net/http/http_response_headers.h" |
#include "net/url_request/url_request.h" |
namespace net { |
@@ -57,6 +59,28 @@ void URLRequestRedirectJob::StartAsync() { |
NotifyHeadersComplete(); |
} |
+void URLRequestRedirectJob::GetResponseInfo(HttpResponseInfo* info) { |
+ scoped_refptr<net::HttpResponseHeaders> response_headers( |
+ new net::HttpResponseHeaders(std::string())); |
+ std::string status_line(base::StringPrintf("HTTP/1.1 %d %s", |
+ http_status_code_, |
+ redirect_reason_.c_str())); |
+ |
+ |
+ response_headers->ReplaceStatusLine(status_line); |
+ const net::HttpRequestHeaders& headers = request_->extra_request_headers(); |
+ std::string http_origin; |
+ if (headers.GetHeader("Origin", &http_origin)) { |
+ // If this redirect is used in a cross-origin request, add the necessary |
+ // CORS headers to prevent the redirect from being blocked by cross-origin |
+ // access control. Note that the request is still blocked if the redirection |
+ // target does not serve the necessary CORS headers. |
+ response_headers->AddHeader("Access-Control-Allow-Origin: " + http_origin); |
+ response_headers->AddHeader("Access-Control-Allow-Credentials: true"); |
+ } |
+ info->headers = response_headers; |
+} |
+ |
void URLRequestRedirectJob::GetLoadTimingInfo( |
LoadTimingInfo* load_timing_info) const { |
// Set send_start and send_end to receive_headers_end_ to keep consistent |