2 files changed, 18 insertions, 0 deletions

diff --git a/net/url_request/url_request.cc b/net/url_request/url_request.cc
index b80ebe0..7bccf6d 100644
--- a/net/url_request/url_request.cc
+++ b/net/url_request/url_request.cc
@@ -402,6 +402,9 @@ int URLRequest::Redirect(const GURL& location, int http_status_code) {
     return net::ERR_TOO_MANY_REDIRECTS;
   }
 
+  if (!location.is_valid())
+    return net::ERR_INVALID_URL;
+
   if (!job_->IsSafeRedirect(location)) {
     DLOG(INFO) << "disallowing redirect: unsafe protocol";
     return net::ERR_UNSAFE_REDIRECT;
diff --git a/net/url_request/url_request_unittest.cc b/net/url_request/url_request_unittest.cc
index 2aaac0a..167e7e4 100644
--- a/net/url_request/url_request_unittest.cc
+++ b/net/url_request/url_request_unittest.cc
@@ -1023,6 +1023,21 @@ TEST_F(URLRequestTest, RestrictRedirects) {
   EXPECT_EQ(net::ERR_UNSAFE_REDIRECT, req.status().os_error());
 }
 
+TEST_F(URLRequestTest, RedirectToInvalidURL) {
+  scoped_refptr<HTTPTestServer> server =
+      HTTPTestServer::CreateServer(L"net/data/url_request_unittest", NULL);
+  ASSERT_TRUE(NULL != server.get());
+
+  TestDelegate d;
+  TestURLRequest req(server->TestServerPage(
+      "files/redirect-to-invalid-url.html"), &d);
+  req.Start();
+  MessageLoop::current()->Run();
+
+  EXPECT_EQ(URLRequestStatus::FAILED, req.status().status());
+  EXPECT_EQ(net::ERR_INVALID_URL, req.status().os_error());
+}
+
 TEST_F(URLRequestTest, NoUserPassInReferrer) {
   scoped_refptr<HTTPTestServer> server =
       HTTPTestServer::CreateServer(L"net/data/url_request_unittest", NULL);