From e20c80004472ac440d41e63c89305fc4e0748e54 Mon Sep 17 00:00:00 2001 From: Felipe Zimmerle Date: Mon, 6 Jan 2014 13:10:13 -0800 Subject: [PATCH] nginx: fix missing headers while SecResponseBodyAccess was On The problem was caused by the fact that ModSecutiry was telling Nginx that headers had been sent when, in fact, had not. This modification was added in the past, along with others, in the following commit: fd2c30fa2311e783eecf3bf02bf3dcfbabc3968a This patch, just removes the "r->header_sent = 1". After that modification the following regression tests started to work again: from: action/00-disruptive-actions.t 3) action - pass in phase:3 4) action - pass in phase:4 11) action - deny in phase:3 12) action - deny in phase:4 19) action - redirect in phase:3 (get) 20) action - redirect in phase:4 (get) 23) action - proxy in phase:3 (get) 24) action - proxy in phase:4 (get) from: config/10-response-directives.t 2) config - SecResponseBodyAccess On 6) config - SecResponseBodyLimit (greater) 7) config - SecResponseBodyLimitAction Reject --- nginx/modsecurity/ngx_http_modsecurity.c | 3 --- 1 file changed, 3 deletions(-) diff --git a/nginx/modsecurity/ngx_http_modsecurity.c b/nginx/modsecurity/ngx_http_modsecurity.c index 8e8b8bc8..6da8d9bd 100644 --- a/nginx/modsecurity/ngx_http_modsecurity.c +++ b/nginx/modsecurity/ngx_http_modsecurity.c @@ -1139,9 +1139,6 @@ ngx_http_modsecurity_header_filter(ngx_http_request_t *r) { /* SecResponseBodyAccess on, process rules in body filter */ - /* pretend we are ngx_http_header_filter */ - r->header_sent = 1; - r->filter_need_in_memory = 1; return NGX_OK; }