Skip to content

HTTPS clone URL

Subversion checkout URL

You can clone with HTTPS or Subversion.

Download ZIP

Loading…

Nginx Improved: if "SecResponseBodyAccess off" do not copy response body... #65

Merged
merged 1 commit into from

2 participants

@chaizhenhua

... buffer

@brenosilva brenosilva merged commit 72a3389 into SpiderLabs:remotes/trunk
@zimmerle zimmerle referenced this pull request from a commit
@zimmerle zimmerle Updates the libinjection
Windows compilation was failing due to the utilization of size_t which is part
of the strings.h. strings.h was not part of windows and so the compilation
was failing. This update fix that. Issue #65 on libinjection:
client9/libinjection#65
c4f6801
@zimmerle zimmerle referenced this pull request from a commit
@zimmerle zimmerle Updates the libinjection
Windows compilation was failing due to the utilization of size_t which is part
of the strings.h. strings.h was not part of windows and so the compilation
was failing. This update fix that. Issue #65 on libinjection:
client9/libinjection#65
6c3735c
@zimmerle zimmerle referenced this pull request from a commit
@zimmerle zimmerle Updates the libinjection
Windows compilation was failing due to the utilization of size_t which is part
of the strings.h. strings.h was not part of windows and so the compilation
was failing. This update fix that. Issue #65 on libinjection:
client9/libinjection#65
398f2f5
@zimmerle zimmerle referenced this pull request from a commit
@zimmerle zimmerle Updates the libinjection
Windows compilation was failing due to the utilization of size_t which is part
of the strings.h. strings.h was not part of windows and so the compilation
was failing. This update fix that. Issue #65 on libinjection:
client9/libinjection#65
ff2f1e6
@zimmerle zimmerle referenced this pull request from a commit
@zimmerle zimmerle Updates the libinjection
Windows compilation was failing due to the utilization of size_t which is part
of the strings.h. strings.h was not part of windows and so the compilation
was failing. This update fix that. Issue #65 on libinjection:
client9/libinjection#65
347ba1e
@zimmerle zimmerle referenced this pull request from a commit
@zimmerle zimmerle Updates the libinjection
Windows compilation was failing due to the utilization of size_t which is part
of the strings.h. strings.h was not part of windows and so the compilation
was failing. This update fix that. Issue #65 on libinjection:
client9/libinjection#65
d06caa3
@zimmerle zimmerle referenced this pull request from a commit
@zimmerle zimmerle Updates the libinjection
Windows compilation was failing due to the utilization of size_t which is part
of the strings.h. strings.h was not part of windows and so the compilation
was failing. This update fix that. Issue #65 on libinjection:
client9/libinjection#65
48b73cd
@zimmerle zimmerle referenced this pull request from a commit
@zimmerle zimmerle Updates the libinjection
Windows compilation was failing due to the utilization of size_t which is part
of the strings.h. strings.h was not part of windows and so the compilation
was failing. This update fix that. Issue #65 on libinjection:
client9/libinjection#65
070dc1c
@zimmerle zimmerle referenced this pull request from a commit
@zimmerle zimmerle Updates the libinjection
Windows compilation was failing due to the utilization of size_t which is part
of the strings.h. strings.h was not part of windows and so the compilation
was failing. This update fix that. Issue #65 on libinjection:
client9/libinjection#65
5cc2cdc
@zimmerle zimmerle referenced this pull request from a commit
@zimmerle zimmerle Updates the libinjection
Windows compilation was failing due to the utilization of size_t which is part
of the strings.h. strings.h was not part of windows and so the compilation
was failing. This update fix that. Issue #65 on libinjection:
client9/libinjection#65
549ba51
@zimmerle zimmerle referenced this pull request from a commit
@zimmerle zimmerle Updates the libinjection
Windows compilation was failing due to the utilization of size_t which is part
of the strings.h. strings.h was not part of windows and so the compilation
was failing. This update fix that. Issue #65 on libinjection:
client9/libinjection#65
e2b9eef
@zimmerle zimmerle referenced this pull request from a commit
@zimmerle zimmerle Updates the libinjection
Windows compilation was failing due to the utilization of size_t which is part
of the strings.h. strings.h was not part of windows and so the compilation
was failing. This update fix that. Issue #65 on libinjection:
client9/libinjection#65
d0818ee
@zimmerle zimmerle referenced this pull request from a commit
@zimmerle zimmerle Updates the libinjection
Windows compilation was failing due to the utilization of size_t which is part
of the strings.h. strings.h was not part of windows and so the compilation
was failing. This update fix that. Issue #65 on libinjection:
client9/libinjection#65
fa65998
@zimmerle zimmerle referenced this pull request from a commit
@zimmerle zimmerle Updates the libinjection
Windows compilation was failing due to the utilization of size_t which is part
of the strings.h. strings.h was not part of windows and so the compilation
was failing. This update fix that. Issue #65 on libinjection:
client9/libinjection#65
154d3db
@zimmerle zimmerle referenced this pull request from a commit
@zimmerle zimmerle Updates the libinjection
Windows compilation was failing due to the utilization of size_t which is part
of the strings.h. strings.h was not part of windows and so the compilation
was failing. This update fix that. Issue #65 on libinjection:
client9/libinjection#65
ad1233d
@zimmerle zimmerle referenced this pull request from a commit
@zimmerle zimmerle Updates the libinjection
Windows compilation was failing due to the utilization of size_t which is part
of the strings.h. strings.h was not part of windows and so the compilation
was failing. This update fix that. Issue #65 on libinjection:
client9/libinjection#65
b719b48
@zimmerle zimmerle referenced this pull request from a commit
@zimmerle zimmerle Updates the libinjection
Windows compilation was failing due to the utilization of size_t which is part
of the strings.h. strings.h was not part of windows and so the compilation
was failing. This update fix that. Issue #65 on libinjection:
client9/libinjection#65
6021d8b
@zimmerle zimmerle referenced this pull request from a commit
@zimmerle zimmerle Updates the libinjection
Windows compilation was failing due to the utilization of size_t which is part
of the strings.h. strings.h was not part of windows and so the compilation
was failing. This update fix that. Issue #65 on libinjection:
client9/libinjection#65
2bc82cf
@zimmerle zimmerle referenced this pull request from a commit
@zimmerle zimmerle Updates the libinjection
Windows compilation was failing due to the utilization of size_t which is part
of the strings.h. strings.h was not part of windows and so the compilation
was failing. This update fix that. Issue #65 on libinjection:
client9/libinjection#65
00d2f3d
@zimmerle zimmerle referenced this pull request from a commit
@zimmerle zimmerle Updates the libinjection
Windows compilation was failing due to the utilization of size_t which is part
of the strings.h. strings.h was not part of windows and so the compilation
was failing. This update fix that. Issue #65 on libinjection:
client9/libinjection#65
730fe51
@zimmerle zimmerle referenced this pull request from a commit
@zimmerle zimmerle Updates the libinjection
Windows compilation was failing due to the utilization of size_t which is part
of the strings.h. strings.h was not part of windows and so the compilation
was failing. This update fix that. Issue #65 on libinjection:
client9/libinjection#65
85d894f
@zimmerle zimmerle referenced this pull request from a commit
@zimmerle zimmerle Updates the libinjection
Windows compilation was failing due to the utilization of size_t which is part
of the strings.h. strings.h was not part of windows and so the compilation
was failing. This update fix that. Issue #65 on libinjection:
client9/libinjection#65
0f4be36
@zimmerle zimmerle referenced this pull request from a commit
@zimmerle zimmerle Updates the libinjection
Windows compilation was failing due to the utilization of size_t which is part
of the strings.h. strings.h was not part of windows and so the compilation
was failing. This update fix that. Issue #65 on libinjection:
client9/libinjection#65
503e8f6
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
This page is out of date. Refresh to see the latest.
Showing with 8 additions and 5 deletions.
  1. +8 −5 nginx/modsecurity/ngx_http_modsecurity.c
View
13 nginx/modsecurity/ngx_http_modsecurity.c
@@ -1077,16 +1077,17 @@ ngx_http_modsecurity_header_filter(ngx_http_request_t *r) {
const char *location;
ngx_table_elt_t *h;
ngx_int_t rc;
-
+
cf = ngx_http_get_module_loc_conf(r, ngx_http_modsecurity);
ctx = ngx_http_get_module_ctx(r, ngx_http_modsecurity);
+ /* already processed, checking redirect action. */
if (ctx && ctx->complete
&& r->err_status >= NGX_HTTP_MOVED_PERMANENTLY
&& r->err_status < 308) {
- /* 3XX load redirect location header so that we can do redirec in phase 3,4 */
+ /* 3XX load redirect location header so that we can do redirect in phase 3,4 */
location = apr_table_get(ctx->req->headers_out, "Location");
if (location == NULL) {
@@ -1113,7 +1114,8 @@ ngx_http_modsecurity_header_filter(ngx_http_request_t *r) {
ngx_log_debug0(NGX_LOG_DEBUG_HTTP, r->connection->log, 0, "modSecurity: header filter");
- if (r->method == NGX_HTTP_HEAD || r->header_only) {
+ /* header only or SecResponseBodyAccess off */
+ if (r->header_only || (!modsecIsResponseBodyAccessEnabled(ctx->req)) ) {
ctx->complete = 1;
@@ -1126,17 +1128,18 @@ ngx_http_modsecurity_header_filter(ngx_http_request_t *r) {
rc = ngx_http_modsecurity_status(r, modsecProcessResponse(ctx->req));
if (rc != NGX_DECLINED) {
- return rc;
+ return ngx_http_filter_finalize_request(r, &ngx_http_modsecurity, rc);
}
if (ngx_http_modsecurity_save_headers_in(r) != NGX_OK
|| ngx_http_modsecurity_save_headers_out(r) != NGX_OK) {
- return NGX_HTTP_INTERNAL_SERVER_ERROR;
+ return ngx_http_filter_finalize_request(r, &ngx_http_modsecurity, NGX_HTTP_INTERNAL_SERVER_ERROR);
}
return ngx_http_next_header_filter(r);
}
+ /* SecResponseBodyAccess on, process rules in body filter */
return NGX_OK;
}
Something went wrong with that request. Please try again.