LibWeb: Ignore Location headers unless the response status code is 3xx

As per RFC7231 the Location header field has different meanings for different response status codes: For 201 (Created) responses, the Location value refers to the primary resource created by the request. For 3xx (Redirection) responses, the Location value refers to the preferred target resource for automatically redirecting the request.
2025-10-31 19:12:43 +00:00 · 2022-02-12 15:42:48 +02:00 · 2022-02-12 15:42:48 +02:00 · 721a4a0a67
commit 721a4a0a67
parent a99d02e14d
2 changed files with 14 additions and 9 deletions
--- a/Userland/Libraries/LibWeb/Loader/FrameLoader.cpp
+++ b/Userland/Libraries/LibWeb/Loader/FrameLoader.cpp
@ -257,17 +257,20 @@ void FrameLoader::resource_did_load()
 {
    auto url = resource()->url();

-    // FIXME: Also check HTTP status code before redirecting
-    auto location = resource()->response_headers().get("Location");
-    if (location.has_value()) {
-        if (m_redirects_count > maximum_redirects_allowed) {
-            m_redirects_count = 0;
-            load_error_page(url, "Too many redirects");
+    // For 3xx (Redirection) responses, the Location value refers to the preferred target resource for automatically redirecting the request.
+    auto status_code = resource()->status_code();
+    if (status_code.has_value() && *status_code >= 300 && *status_code <= 399) {
+        auto location = resource()->response_headers().get("Location");
+        if (location.has_value()) {
+            if (m_redirects_count > maximum_redirects_allowed) {
+                m_redirects_count = 0;
+                load_error_page(url, "Too many redirects");
+                return;
+            }
+            m_redirects_count++;
+            load(url.complete_url(location.value()), FrameLoader::Type::Navigation);
            return;
        }
-        m_redirects_count++;
-        load(url.complete_url(location.value()), FrameLoader::Type::Navigation);
-        return;
    }
    m_redirects_count = 0;