nginx: Removes problematic performance improvement

In an attempt to boost the performance the headers were being checked in two different situations, the first if SecResponseBodyAccess was Off and in a second situation if SecResponseBodyAccess was set to On. This makes sense however functionalities such as content injection demands the body even if SecResponseBodyAccess was not enabled. This patch removes the first scenario, leaving just the second one. After this modification the following regression tests started to pass: from: regression/action/10-append-prepend.t 1) action - append content: passed 2) action - prepend content: passed
2025-08-14 05:45:59 +03:00 · 2014-01-07 18:45:06 -08:00 · 2014-01-07 18:45:06 -08:00 · 2a43589395
commit 2a43589395
parent 21e25c50af
1 changed files with 0 additions and 29 deletions
--- a/nginx/modsecurity/ngx_http_modsecurity.c
+++ b/nginx/modsecurity/ngx_http_modsecurity.c
@ -1074,8 +1074,6 @@ ngx_http_modsecurity_header_filter(ngx_http_request_t *r) {
    ngx_http_modsecurity_ctx_t      *ctx;
    const char                      *location;
    ngx_table_elt_t                 *h;
-    ngx_int_t                        rc;
-

    cf = ngx_http_get_module_loc_conf(r, ngx_http_modsecurity);
    ctx = ngx_http_get_module_ctx(r, ngx_http_modsecurity);
@ -1112,33 +1110,6 @@ ngx_http_modsecurity_header_filter(ngx_http_request_t *r) {

    ngx_log_debug0(NGX_LOG_DEBUG_HTTP, r->connection->log, 0, "modSecurity: header filter");

-    /* header only or SecResponseBodyAccess off */
-    if (r->header_only || (!modsecIsResponseBodyAccessEnabled(ctx->req)) ) {
-
-        ctx->complete = 1;
-
-        if (ngx_http_modsecurity_load_headers_in(r) != NGX_OK
-                || ngx_http_modsecurity_load_headers_out(r) != NGX_OK) {
-
-            return NGX_HTTP_INTERNAL_SERVER_ERROR;
-        }
-
-        rc = ngx_http_modsecurity_status(r, modsecProcessResponse(ctx->req));
-
-        if (rc != NGX_DECLINED) {
-            return ngx_http_filter_finalize_request(r, &ngx_http_modsecurity, rc);
-        }
-
-        if (ngx_http_modsecurity_save_headers_in(r) != NGX_OK
-                || ngx_http_modsecurity_save_headers_out(r) != NGX_OK) {
-            return ngx_http_filter_finalize_request(r, &ngx_http_modsecurity, NGX_HTTP_INTERNAL_SERVER_ERROR);
-        }
-
-        return ngx_http_next_header_filter(r);
-    }
-
-    /* SecResponseBodyAccess on, process rules in body filter */
-
    r->filter_need_in_memory = 1;
    return NGX_OK;
 }