github_mirrors/ModSecurity
3
0
Fork 1
mirror of https://github.com/owasp-modsecurity/ModSecurity.git synced 2025-08-16 07:56:12 +03:00
Code Issues Packages Projects Releases Wiki Activity

Passthrough the saved Response headers in the response

Browse Source 
Tickets: https://github.com/SpiderLabs/ModSecurity/issues/735
This commit is contained in:
Ramandeep Singh 2014-06-30 12:41:00 +05:30 committed by Felipe Zimmerle
parent 8907941f49
commit c226240df9
1 changed files with 16 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

17
nginx/modsecurity/ngx_http_modsecurity.c
View File

@ -806,7 +806,7 @@ ngx_http_modsecurity_save_headers_out_visitor(void *data,
const char *key, const char *value)
{
ngx_http_request_t *r = data;
ngx_table_elt_t *h, he;
ngx_table_elt_t *h, he, *new_h;
ngx_http_upstream_header_t *hh;
ngx_http_upstream_main_conf_t *umcf;
@ -837,6 +837,21 @@ ngx_http_modsecurity_save_headers_out_visitor(void *data,
if (hh->copy_handler(r, h, hh->conf) != NGX_OK) {
return 0;
}
} else {
/* Add the response header directly to headers_out if not present in
* the hash. This is done to passthrough such response headers.
* Remember the response headers were cleared earlier using
* ngx_http_clean_header(r) call in ngx_http_modsecurity_save_headers_out.
*/
new_h = ngx_list_push(&r->headers_out.headers);
if (new_h == NULL) {
return NGX_ERROR;
}
new_h->hash = h->hash;
new_h->key = h->key;
new_h->value = h->value;
}
ngx_log_debug2(NGX_LOG_DEBUG_HTTP, r->connection->log, 0,