From 7a96d6b592360793023035bbcef06d821cd65b76 Mon Sep 17 00:00:00 2001
From: Chris Tate <chris@studiotate.com>
Date: Mon, 18 Jan 2016 13:30:24 -0600
Subject: [PATCH 1/2] maintain "user-agent" header for redirects

---
 index.js      | 6 +++++-
 test/index.js | 8 ++++++++
 2 files changed, 13 insertions(+), 1 deletion(-)

diff --git a/index.js b/index.js
index 242f906..c24b7d6 100644
--- a/index.js
+++ b/index.js
@@ -116,11 +116,15 @@ function request(method, url, options, callback) {
         if (options.maxRedirects && options.maxRedirects !== Infinity) {
           options.maxRedirects--;
         }
-        // don't maintain headers through redirects
+        // don't maintain headers (except for "user-agent") through redirects
         // This fixes a problem where a POST to http://example.com
         // might result in a GET to http://example.co.uk that includes "content-length"
         // as a header
+        var ua = caseless(options.headers).get('user-agent');
         options.headers = {};
+        if (ua) {
+          options.headers['user-agent'] = ua;
+        }
         return request(duplex ? 'GET' : method, resolveUrl(urlString, res.headers.location), options, callback);
       } else {
         return callback(null, res);
diff --git a/test/index.js b/test/index.js
index d275dc2..4bb6131 100644
--- a/test/index.js
+++ b/test/index.js
@@ -79,3 +79,11 @@ request('GET', CACHED, {cache: 'file'}, function (err, res) {
     }, 1000);
   });
 });
+
+request('GET', 'https://api.github.com/repos/isaacs/npm', {followRedirects: true, headers: {'User-Agent': 'http-basic'}}, function (err, res) {
+  if (err) throw err;
+
+  console.log('response I');
+  assert(res.statusCode === 200);
+  res.body.resume();
+});
\ No newline at end of file

From a8e57ceb6c4f3e951a041446f02c2ac227d00484 Mon Sep 17 00:00:00 2001
From: Chris Tate <chris@studiotate.com>
Date: Mon, 18 Jan 2016 13:52:22 -0600
Subject: [PATCH 2/2] explicitly set redirect headers

---
 README.md     |  1 +
 index.js      | 17 ++++++++++++-----
 test/index.js |  2 +-
 3 files changed, 14 insertions(+), 6 deletions(-)

diff --git a/README.md b/README.md
index 82570d1..2d92928 100644
--- a/README.md
+++ b/README.md
@@ -39,6 +39,7 @@ The url as a string (e.g. `http://example.com`).  It must be fully qualified and
  - `agent` - (default: `false`) controlls keep-alive (see http://nodejs.org/api/http.html#http_http_request_options_callback)
  - `followRedirects` - (default: `false`) - if true, redirects are followed (note that this only affects the result in the callback)
  - `maxRedirects` - (default: `Infinity`) - limit the number of redirects allowed.
+ - `allowRedirectHeaders` (default: `null`) - an array of headers allowed for redirects (none if `null`).
  - `gzip` (default: `false`) - automatically accept gzip and deflate encodings.  This is kept completely transparent to the user.
  - `cache` - (default: `null`) - `'memory'` or `'file'` to use the default built in caches or you can pass your own cache implementation.
  - `timeout` (default: `false`) - times out if no response is returned within the given number of milliseconds.
diff --git a/index.js b/index.js
index c24b7d6..0ea4ed9 100644
--- a/index.js
+++ b/index.js
@@ -116,15 +116,22 @@ function request(method, url, options, callback) {
         if (options.maxRedirects && options.maxRedirects !== Infinity) {
           options.maxRedirects--;
         }
-        // don't maintain headers (except for "user-agent") through redirects
+        // don't maintain headers through redirects
         // This fixes a problem where a POST to http://example.com
         // might result in a GET to http://example.co.uk that includes "content-length"
         // as a header
-        var ua = caseless(options.headers).get('user-agent');
-        options.headers = {};
-        if (ua) {
-          options.headers['user-agent'] = ua;
+        var headers = caseless(options.headers), redirectHeaders = {};
+        if (options.allowRedirectHeaders) {
+          var headerName, headerValue;
+          for (var i = 0; i < options.allowRedirectHeaders.length; i++) {
+            headerName = options.allowRedirectHeaders[i];
+            headerValue = headers.get(headerName);
+            if (headerValue) {
+              redirectHeaders[headerName] = headerValue;
+            }
+          }
         }
+        options.headers = redirectHeaders;
         return request(duplex ? 'GET' : method, resolveUrl(urlString, res.headers.location), options, callback);
       } else {
         return callback(null, res);
diff --git a/test/index.js b/test/index.js
index 4bb6131..d5c8242 100644
--- a/test/index.js
+++ b/test/index.js
@@ -80,7 +80,7 @@ request('GET', CACHED, {cache: 'file'}, function (err, res) {
   });
 });
 
-request('GET', 'https://api.github.com/repos/isaacs/npm', {followRedirects: true, headers: {'User-Agent': 'http-basic'}}, function (err, res) {
+request('GET', 'https://api.github.com/repos/isaacs/npm', {allowRedirectHeaders: ['User-Agent'], followRedirects: true, headers: {'User-Agent': 'http-basic'}}, function (err, res) {
   if (err) throw err;
 
   console.log('response I');