fixed: coraza 必须调用processbody，否则即使告警也会无法阻断。而且该处代码有问题，详见todo

lib/resty/coraza/request.lua

@@ -25,15 +25,10 @@ end
 
 function _M.build_and_process_body(transaction)
     local req_body = ngx_req.get_body_data()
-    if not req_body then
+    if req_body then
-        -- TODO: fix code
+        -- TODO: fix code to process multipart/formdata
-        local path = ngx_req.get_body_file()
+        -- local path = ngx_req.get_body_file()
-        if not path then
+        -- coraza.request_body_from_file(path)
-            -- end process
-            return
-        end
-        coraza.request_body_from_file(path)
-    else
         local req_body_size = #req_body
         -- TODO req_body_size > req_body_size_opt
         coraza.append_request_body(transaction, req_body)

t/integration_with_coreruleset.t

@@ -63,3 +63,10 @@ aaaaaaaaa=aaaaaa
 POST /t/shell.php?injection=/etc/passwd
 aaaaaaaaa=aaaaaa
 --- error_code: 403
+
+=== TEST 3: integration test blocked with no post data
+--- http_config eval: $::HttpConfig
+--- config eval: $::LocationConfig
+--- request
+GET /t/shell.php?injection=/etc/passwd
+--- error_code: 403