runtime: [2.1] Redirect with location having an anchor fails in a HTTP 400 on some servers

NOTE by @krwq: this is tracking 2.1 issue (currently unclear if we want to port the fix or what fix needs to be ported)

Problem

I think we are hitting a bug when having a third party (OAuth authentication server) returning a HTTP 302 redirect with the location set to a URL having a anchor (#). The redirected request returns a HTTP 400.

Test case

WebClient wc = new WebClient();
wc.DownloadString("http://corefx-net.cloudapp.net/Redirect.ashx?uri=%2FEcho.ashx#something");

I am not sure if this issue is the same as the following code, but it will at least give the exact same error message:

WebClient wc = new WebClient();
wc.DownloadString("http://corefx-net.cloudapp.net/Redirect.ashx?statuscode=302&uri=%2FEcho.ashx%23something");

Expected result

I expected that a request to http://corefx-net.cloudapp.net/Redirect.ashx?statuscode=302&uri=%2FEcho.ashx%23something would return in a redirect to http://corefx-net.cloudapp.net/Echo.ashx#something resulting in a HTTP 200.

Details

The problem reproduces on .NET Core 2.2 and 2.1, but it doesn’t on .NET Core 2.0 and below. The problem doesn’t reproduce on .NET Framework 4.7.2 and 4.7.

Good to mention it concerns OAuth on Exact Online, a cloud accounting program, which support the Implicit Grant Flow of OAuth.

It reproduces as an error from Microsoft HTTPAPI (http.sys). Does not reproduce on AWS CloudFront hosted site as redirect URL.