github_mirrors/ModSecurity
3
0
Fork 1
mirror of https://github.com/owasp-modsecurity/ModSecurity.git synced 2026-01-13 06:57:10 +03:00
Code Issues Packages Projects Releases Wiki Activity

Do not intercept internal redirect error documents.

Browse Source
This commit is contained in:
brectanus
2007-08-10 15:50:11 +00:00
parent a9703a0559
commit af5c895d53
2 changed files with 9 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

7
apache2/mod_security2.c
View File

@@ -583,6 +583,13 @@ static int hook_request_late(request_rec *r) {
/* Has this phase been completed already? */
if (msr->phase_request_body_complete) {
/* If we are redirecting and there was no previous response it is
* an error page request and we ignore it.
*/
if ((msr->r->prev != NULL) && (msr->r->prev->headers_out == NULL || apr_is_empty_table(msr->r->prev->headers_out))) {
msr_log(msr, 9, "Allowing internally redirected error document: %s", msr->r->uri);
return DECLINED;
}
if (msr->was_intercepted) {
msr_log(msr, 4, "Phase REQUEST_BODY request already intercepted. Intercepting additional request.");
return perform_interception(msr);