From 4095db8c06d213c2fd1c41fe680d33e5b6c329b6 Mon Sep 17 00:00:00 2001
From: martinhsv <55407942+martinhsv@users.noreply.github.com>
Date: Wed, 29 Jul 2020 14:49:35 -0700
Subject: [PATCH] Fix nginx not clearing body cache (caused by incomplete fix
 for #187)

---
 CHANGES                               | 2 ++
 src/ngx_http_modsecurity_pre_access.c | 7 +++++++
 2 files changed, 9 insertions(+)

diff --git a/CHANGES b/CHANGES
index 420a8cb..b7716ef 100644
--- a/CHANGES
+++ b/CHANGES
@@ -1,6 +1,8 @@
 v1.0.x - YYYY-MMM-DD (To be released)
 -------------------------------------
 
+ - Fix nginx not clearing body cache (caused by incomplete fix for #187)
+   [Issue #216 - @krewi1, @martinhsv]
  - Fix config setting not respected: client_body_in_file_only on
    [Issue #187 - @martinhsv]
  - Fix audit_log not generated for disruptive actions 
diff --git a/src/ngx_http_modsecurity_pre_access.c b/src/ngx_http_modsecurity_pre_access.c
index 7869f54..91ef1e0 100644
--- a/src/ngx_http_modsecurity_pre_access.c
+++ b/src/ngx_http_modsecurity_pre_access.c
@@ -104,6 +104,13 @@ ngx_http_modsecurity_pre_access_handler(ngx_http_request_t *r)
          */
         r->request_body_in_single_buf = 1;
         r->request_body_in_persistent_file = 1;
+        if (!r->request_body_in_file_only) {
+            // If the above condition fails, then the flag below will have been
+            // set correctly elsewhere. We need to set the flag here for other
+            // conditions (client_body_in_file_only not used but
+            // client_body_buffer_size is)
+            r->request_body_in_clean_file = 1;
+        }
 
         rc = ngx_http_read_client_request_body(r,
             ngx_http_modsecurity_request_read);