Do not ignore userinfo on a redirect to the same origin

Fixes #1351

Author: szmarczak

source/core/index.ts

@@ -1631,6 +1631,10 @@ export default class Request extends Duplex implements RequestEvents<Request> {
 		}
 
 		if (options.url) {
+			if ('port' in options) {
+				delete options.port;
+			}
+
 			// Make it possible to change `options.prefixUrl`
 			let {prefixUrl} = options;
 			Object.defineProperty(options, 'prefixUrl', {
@@ -2088,16 +2092,12 @@ export default class Request extends Duplex implements RequestEvents<Request> {
 					}
 
 					if (options.username || options.password) {
-						// TODO: Fix this ignore.
-						// @ts-expect-error
-						delete options.username;
-						// @ts-expect-error
-						delete options.password;
-					}
-
-					if ('port' in options) {
-						delete options.port;
+						options.username = '';
+						options.password = '';
 					}
+				} else {
+					redirectUrl.username = options.username;
+					redirectUrl.password = options.password;
 				}
 
 				this.redirects.push(redirectString);

test/redirects.ts

@@ -440,6 +440,22 @@ test('clears the authorization header when redirecting to a different hostname',
 	t.is(headers.Authorization, undefined);
 });
 
+test('preserves userinfo on redirect to the same origin', withServer, async (t, server) => {
+	server.get('/redirect', (_request, response) => {
+		response.writeHead(303, {
+			location: `http://localhost:${server.port}/`
+		});
+		response.end();
+	});
+
+	server.get('/', (request, response) => {
+		t.is(request.headers.authorization, 'Basic aGVsbG86d29ybGQ=');
+		response.end();
+	});
+
+	await got(`http://hello:world@localhost:${server.port}/redirect`);
+});
+
 test('clears the host header when redirecting to a different hostname', async t => {
 	nock('https://testweb.com').get('/redirect').reply(302, undefined, {location: 'https://webtest.com/'});
 	nock('https://webtest.com').get('/').reply(function (_uri, _body) {