Redirect with authorization credentials to same host for relative paths

lib/httparty/request.rb

@@ -299,7 +299,7 @@ def handle_response(body, &block)
     def handle_host_redirection
       check_duplicate_location_header
       redirect_path = options[:uri_adapter].parse(last_response['location']).normalize
-      return if redirect_path.relative? || path.host == redirect_path.host
+      return if redirect_path.relative? || path.host == redirect_path.host || uri.host == redirect_path.host
       @changed_hosts = true
     end
 

spec/httparty/request_spec.rb

@@ -1313,6 +1313,20 @@
         @request.send(:setup_raw_request)
         expect(@request.instance_variable_get(:@raw_request)['authorization']).to eq(@authorization)
       end
+
+      context 'when uri path is a relative path' do
+        before do
+          @request.path = '/v1'
+          @request.options[:base_uri] = 'http://api.foo.com'
+        end
+
+        it "should send Authorization header when redirecting to the same host" do
+          @redirect['location'] = 'http://api.foo.com/v2'
+          @request.perform
+          @request.send(:setup_raw_request)
+          expect(@request.instance_variable_get(:@raw_request)['authorization']).to eq(@authorization)
+        end
+      end
     end
   end