From 8d4124eee26cc018f6ed306e0d404737ce82c849 Mon Sep 17 00:00:00 2001
From: Robert Paprocki <robert@cryptobells.com>
Date: Tue, 20 Mar 2018 11:35:40 -0700
Subject: [PATCH] Enable sanitizing JSON request bodies in native audit log
 format

f86de56 enabled sanitizing JSON request body data in JSON audit
log formats (the commit message is misleading). This commit supplements
JSON request body sanitization to support sanitized elements in
native audit log formats.
---
 apache2/msc_logging.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/apache2/msc_logging.c b/apache2/msc_logging.c
index 6ee1e583..47fbfe77 100644
--- a/apache2/msc_logging.c
+++ b/apache2/msc_logging.c
@@ -1739,7 +1739,7 @@ void sec_audit_logger_native(modsec_rec *msr) {
                 for(i = 0; i < tarr->nelts; i++) {
                     msc_arg *arg = (msc_arg *)telts[i].val;
                     if (arg->origin != NULL &&
-                            strcmp(arg->origin, "BODY") != 0)
+                            ( strcmp(arg->origin, "BODY") != 0 && strcmp(arg->origin, "JSON") != 0) )
                         continue;
 
                     if (last_offset == 0) { /* The first time we're here. */