nginx: fix missing headers while SecResponseBodyAccess was On

Felipe Zimmerle · Felipe Zimmerle · commit e20c80004472 · 2014-01-06T19:10:24.000-08:00
The problem was caused by the fact that ModSecutiry was telling Nginx that headers had been sent when, in fact, had not. This modification was added in the past, along with others, in the following commit: fd2c30f This patch, just removes the "r->header_sent = 1". After that modification the following regression tests started to work again: from: action/00-disruptive-actions.t 3) action - pass in phase:3 4) action - pass in phase:4 11) action - deny in phase:3 12) action - deny in phase:4 19) action - redirect in phase:3 (get) 20) action - redirect in phase:4 (get) 23) action - proxy in phase:3 (get) 24) action - proxy in phase:4 (get) from: config/10-response-directives.t 2) config - SecResponseBodyAccess On 6) config - SecResponseBodyLimit (greater) 7) config - SecResponseBodyLimitAction Reject
diff --git a/nginx/modsecurity/ngx_http_modsecurity.c b/nginx/modsecurity/ngx_http_modsecurity.c
@@ -1139,9 +1139,6 @@ ngx_http_modsecurity_header_filter(ngx_http_request_t *r) {
 
     /* SecResponseBodyAccess on, process rules in body filter */
 
-    /* pretend we are ngx_http_header_filter */
-    r->header_sent = 1;
-
     r->filter_need_in_memory = 1;
     return NGX_OK;
 }

Original file line number	Diff line number	Diff line change
`@@ -1139,9 +1139,6 @@ ngx_http_modsecurity_header_filter(ngx_http_request_t *r) {`
`1139`	`1139`
`1140`	`1140`	`/* SecResponseBodyAccess on, process rules in body filter */`
`1141`	`1141`
`1142`		`- /* pretend we are ngx_http_header_filter */`
`1143`		`- r->header_sent = 1;`
`1144`		`-`
`1145`	`1142`	`r->filter_need_in_memory = 1;`
`1146`	`1143`	`return NGX_OK;`
`1147`	`1144`	`}`