From afacf71feeaa0d25da0098a38f039ff6cc5cbdb5 Mon Sep 17 00:00:00 2001
From: Chris Dumez <cdumez@apple.com>
Date: Thu, 21 Jul 2022 15:30:14 -0700
Subject: [PATCH] We should maintain the original Content-Type header on 303
 HTTP redirect https://bugs.webkit.org/show_bug.cgi?id=242969

Reviewed by Darin Adler and Alex Christensen.

Maintain the original Content-Type header on 303 HTTP redirect, like we do for
the 307 and 308 ones. This aligns our behavior with both Blink and Gecko.

* LayoutTests/imported/w3c/web-platform-tests/xhr/send-redirect-expected.txt:
* Source/WebCore/platform/network/mac/ResourceHandleMac.mm:
(WebCore::ResourceHandle::willSendRequest):
* Source/WebKit/NetworkProcess/cocoa/NetworkDataTaskCocoa.mm:
(WebKit::NetworkDataTaskCocoa::willPerformHTTPRedirection):

Canonical link: https://commits.webkit.org/252713@main
---
 .../web-platform-tests/xhr/send-redirect-expected.txt  |  2 +-
 .../WebCore/platform/network/mac/ResourceHandleMac.mm  | 10 ++++++++--
 .../NetworkProcess/cocoa/NetworkDataTaskCocoa.mm       | 10 ++++++++--
 3 files changed, 17 insertions(+), 5 deletions(-)

diff --git a/LayoutTests/imported/w3c/web-platform-tests/xhr/send-redirect-expected.txt b/LayoutTests/imported/w3c/web-platform-tests/xhr/send-redirect-expected.txt
index f18279f0f9f21..a609be4b4dcae 100644
--- a/LayoutTests/imported/w3c/web-platform-tests/xhr/send-redirect-expected.txt
+++ b/LayoutTests/imported/w3c/web-platform-tests/xhr/send-redirect-expected.txt
@@ -1,6 +1,6 @@
 
 PASS XMLHttpRequest: send() - Redirects (basics) (301)
 PASS XMLHttpRequest: send() - Redirects (basics) (302)
-FAIL XMLHttpRequest: send() - Redirects (basics) (303) assert_equals: expected "application/x-pony" but got "NO"
+PASS XMLHttpRequest: send() - Redirects (basics) (303)
 PASS XMLHttpRequest: send() - Redirects (basics) (307)
 
diff --git a/Source/WebCore/platform/network/mac/ResourceHandleMac.mm b/Source/WebCore/platform/network/mac/ResourceHandleMac.mm
index 8f989561d6739..8b54a62210143 100644
--- a/Source/WebCore/platform/network/mac/ResourceHandleMac.mm
+++ b/Source/WebCore/platform/network/mac/ResourceHandleMac.mm
@@ -425,8 +425,14 @@ static bool synchronousWillSendRequestEnabled()
             if (!originalContentType.isEmpty())
                 request.setHTTPHeaderField(HTTPHeaderName::ContentType, originalContentType);
         }
-    } else if (redirectResponse.httpStatusCode() == 303 && equalLettersIgnoringASCIICase(d->m_firstRequest.httpMethod(), "head"_s)) // FIXME: (rdar://problem/13706454).
-        request.setHTTPMethod("HEAD"_s);
+    } else if (redirectResponse.httpStatusCode() == 303) { // FIXME: (rdar://problem/13706454).
+        if (equalLettersIgnoringASCIICase(d->m_firstRequest.httpMethod(), "head"_s))
+            request.setHTTPMethod("HEAD"_s);
+
+        String originalContentType = d->m_firstRequest.httpContentType();
+        if (!originalContentType.isEmpty())
+            request.setHTTPHeaderField(HTTPHeaderName::ContentType, originalContentType);
+    }
 
     // Should not set Referer after a redirect from a secure resource to non-secure one.
     if (!request.url().protocolIs("https"_s) && protocolIs(request.httpReferrer(), "https"_s) && d->m_context->shouldClearReferrerOnHTTPSToHTTPRedirect())
diff --git a/Source/WebKit/NetworkProcess/cocoa/NetworkDataTaskCocoa.mm b/Source/WebKit/NetworkProcess/cocoa/NetworkDataTaskCocoa.mm
index 108664c1e1608..a0a3098ee604c 100644
--- a/Source/WebKit/NetworkProcess/cocoa/NetworkDataTaskCocoa.mm
+++ b/Source/WebKit/NetworkProcess/cocoa/NetworkDataTaskCocoa.mm
@@ -510,8 +510,14 @@ static inline bool computeIsAlwaysOnLoggingAllowed(NetworkSession& session)
         String originalContentType = m_firstRequest.httpContentType();
         if (!originalContentType.isEmpty())
             request.setHTTPHeaderField(WebCore::HTTPHeaderName::ContentType, originalContentType);
-    } else if (redirectResponse.httpStatusCode() == 303 && equalLettersIgnoringASCIICase(m_firstRequest.httpMethod(), "head"_s)) // FIXME: (rdar://problem/13706454).
-        request.setHTTPMethod("HEAD"_s);
+    } else if (redirectResponse.httpStatusCode() == 303) { // FIXME: (rdar://problem/13706454).
+        if (equalLettersIgnoringASCIICase(m_firstRequest.httpMethod(), "head"_s))
+            request.setHTTPMethod("HEAD"_s);
+
+        String originalContentType = m_firstRequest.httpContentType();
+        if (!originalContentType.isEmpty())
+            request.setHTTPHeaderField(WebCore::HTTPHeaderName::ContentType, originalContentType);
+    }
     
     // Should not set Referer after a redirect from a secure resource to non-secure one.
     if (m_shouldClearReferrerOnHTTPSToHTTPRedirect && !request.url().protocolIs("https"_s) && WTF::protocolIs(request.httpReferrer(), "https"_s))