SecRequestBodyLimitAction ProcessPartial truncated POST data for mod_proxy when the SecRequestBodyLimit is exceeded

[rcbarnett-zz]

MODSEC-252: Config:

SecRuleEngine DetectionOnly
SecRequestBodyAccess On
SecRequestBodyLimit 10

Result with big POST:

proxy host:
[Tue Jun 07 10:40:51 2011] [error] [client a.b.c.d] ModSecurity: Request body (Content-Length) is larger than the configured limit (10). [hostname "test"] [uri "/test"] [unique_id "Te3kEwoNzNMAACBtAX0AAAAA"]

the request is then passed to the mod_proxy_balancer and to the another host (HTTP Backend) but the application on that hosts gets corrupted data - data is truncated to the SecRequestBodyLimit.

I've also tried setting "SecRuleEngine On" with "SecRequestBodyLimitAction ProcessPartial" but the result is the same - proxied POST data is corrupted.

Removing SecRuleEngine from the configuration couses proxying without any problems.

I'd like to add that low SecRequestBodyLimit is essential for me.

[rcbarnett-zz]

Original reporter: pkoper

[rcbarnett-zz]

bpinto: Let me debug it a little bit more