From 99c27f57b17196629e0153e9030c212ec605bf92 Mon Sep 17 00:00:00 2001
From: Masako Toda <todamasako0421@hotmail.com>
Date: Tue, 16 Jul 2019 21:42:04 +0000
Subject: [PATCH] Fix redirect of requests with credentials mode 'include'
 (fixes issue #2699, see issue #2622).

Modifying the URL in OnBeforeResourceLoad causes an internal redirect response.
In cases where the request is cross-origin and credentials mode is 'include'
the redirect response must include the "Access-Control-Allow-Credentials"
header, otherwise the request will be blocked.
---
 libcef/browser/net_service/proxy_url_loader_factory.cc | 6 ++++++
 1 file changed, 6 insertions(+)

diff --git a/libcef/browser/net_service/proxy_url_loader_factory.cc b/libcef/browser/net_service/proxy_url_loader_factory.cc
index 0ff954acc..c16a7bcf1 100644
--- a/libcef/browser/net_service/proxy_url_loader_factory.cc
+++ b/libcef/browser/net_service/proxy_url_loader_factory.cc
@@ -644,6 +644,12 @@ void InterceptedRequest::InterceptResponseReceived(
           network::cors::header_names::kAccessControlAllowOrigin, origin));
     }
 
+    if (request_.fetch_credentials_mode ==
+        network::mojom::FetchCredentialsMode::kInclude) {
+      head.headers->AddHeader(MakeHeader(
+          network::cors::header_names::kAccessControlAllowCredentials, "true"));
+    }
+
     current_response_ = head;
     const net::RedirectInfo& redirect_info =
         MakeRedirectInfo(request_, head.headers.get(), request_.url, 0);