Change from ctl:requestBodyBuffering to ctl:forceRequestBodyVariable.

2025-08-13 21:36:00 +03:00 · 2008-09-10 17:11:20 +00:00 · 2008-09-10 17:11:20 +00:00 · 309510d70b
commit 309510d70b
parent 5740f7a3eb
3 changed files with 11 additions and 10 deletions
--- a/4
+++ b/4
@ -4,8 +4,8 @@
 * Fixed XML DTD/Schema validation which will now fail after request body
   processing errors, even if the XML parser returns a document tree.

- * Added ctl:requestBodyBuffering=on|off which, when enabled, will force
-   the request body to be buffered and allow REQUEST_BODY to be inspected.
+ * Added ctl:forceRequestBodyVariable=on|off which, when enabled, will force
+   the REQUEST_BODY variable to be set and allow it to be inspected.
   Previously the REQUEST_BODY target was only populated if the request body
   was a parsable type (application/x-www-form-urlencoded or
   multipart/form-data) or was forced to be parsed via ctl:requestBodyProcessor.
--- a/apache2/re_actions.c
+++ b/apache2/re_actions.c
@ -713,10 +713,10 @@ static char *msre_action_ctl_validate(msre_engine *engine, msre_action *action)
         */
        return NULL;
    } else
-    if (strcasecmp(name, "requestBodyBuffering") == 0) {
+    if (strcasecmp(name, "forceRequestBodyVariable") == 0) {
        if (parse_boolean(value) == -1) {
            return apr_psprintf(engine->mp, "Invalid setting for ctl name "
-                " requestBodyBuffering: %s", value);
+                " forceRequestBodyVariable: %s", value);
        }
        return NULL;
    } else
@ -838,7 +838,7 @@ static apr_status_t msre_action_ctl_execute(modsec_rec *msr, apr_pool_t *mptmp,

        return 1;
    } else
-    if (strcasecmp(name, "requestBodyBuffering") == 0) {
+    if (strcasecmp(name, "forceRequestBodyVariable") == 0) {
        int pv = parse_boolean(value);

        if (pv == -1) return -1;
--- a/doc/modsecurity2-apache-reference.xml
+++ b/doc/modsecurity2-apache-reference.xml
@ -4411,7 +4411,7 @@ SecRule REQUEST_CONTENT_TYPE ^text/xml nolog,pass,<emphasis>ctl:requestBodyProce
        </listitem>

        <listitem>
-          <para><literal moreinfo="none">requestBodyBuffering</literal></para>
+          <para><literal moreinfo="none">forceRequestBodyVariable</literal></para>
        </listitem>

        <listitem>
@ -4437,7 +4437,7 @@ SecRule REQUEST_CONTENT_TYPE ^text/xml nolog,pass,<emphasis>ctl:requestBodyProce

      <para>With the exception of<literal moreinfo="none">
      requestBodyProcessor</literal> and <literal moreinfo="none">
-      requestBodyBuffering</literal>, each configuration option corresponds to
+      forceRequestBodyVariable</literal>, each configuration option corresponds to
      one configuration directive and the usage is identical.</para>

      <para>The requestBodyProcessor option allows you to configure the
@ -4460,9 +4460,10 @@ SecRule REQUEST_CONTENT_TYPE ^text/xml nolog,pass,<emphasis>ctl:requestBodyProce
      moreinfo="none">REQUEST_BODY</literal> phase and an appropriate action
      taken.</para>

-      <para>The requestBodyBuffering option allows you to configure the
-      request body to be buffered (in memory) even if it is not parsed.  This
-      allows inspection of REQUEST_BODY even when no parser is used.</para>
+      <para>The forceRequestBodyVariable option allows you to configure the
+      REQUEST_BODY variable to be set even if the request body was not parsed.
+      This allows inspection of REQUEST_BODY even when no parser is used.
+      </para>
    </section>

    <section>