- up to 1.16.1; fixes CVE-2019-9511, CVE-2019-9513,
[packages/nginx.git] / nginx-modsecurity-xheaders.patch
1 diff -ruNp modsecurity-2.9.0.orig/nginx/modsecurity/ngx_http_modsecurity.c modsecurity-2.9.0/nginx/modsecurity/ngx_http_modsecurity.c
2 --- modsecurity-2.9.0.orig/nginx/modsecurity/ngx_http_modsecurity.c     2015-02-12 20:08:31.000000000 +0100
3 +++ modsecurity-2.9.0/nginx/modsecurity/ngx_http_modsecurity.c  2015-07-31 23:34:31.601688075 +0200
4 @@ -28,6 +28,7 @@
5  
6  typedef struct {
7      ngx_flag_t                  enable;
8 +    ngx_flag_t                  x_headers;
9      directory_config            *config;
10  
11      ngx_str_t                   *file;
12 @@ -83,6 +84,12 @@ static ngx_command_t  ngx_http_modsecuri
13      NGX_HTTP_LOC_CONF_OFFSET,
14      offsetof(ngx_http_modsecurity_loc_conf_t, enable),
15      NULL },
16 +  { ngx_string("ModSecurityXHeaders"),
17 +    NGX_HTTP_MAIN_CONF|NGX_HTTP_SRV_CONF|NGX_HTTP_SIF_CONF|NGX_HTTP_LOC_CONF|NGX_HTTP_LIF_CONF|NGX_CONF_TAKE1,
18 +    ngx_conf_set_flag_slot,
19 +    NGX_HTTP_LOC_CONF_OFFSET,
20 +    offsetof(ngx_http_modsecurity_loc_conf_t, x_headers),
21 +    NULL },
22    ngx_null_command
23  };
24  
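Review bot: The new `ModSecurityXHeaders` entry in the command table has no comment saying what the flag does, and nothing else in the patch documents it. From the later hunk in ngx_http_modsecurity_save_headers_out_visitor, enabling it copies every response header whose lowercased name starts with `x-` straight into `r->headers_out.headers` and returns before the `umcf->headers_in_hash` lookup, and the merge hunk defaults it to off. I would add above the entry something like `/* ModSecurityXHeaders on|off: pass X-* response headers through unchanged, skipping the upstream header handlers (default off) */` so operators know which headers stop being processed when they turn it on.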
25 @@ -432,7 +439,11 @@ ngx_http_modsecurity_save_headers_in_vis
26      }
27  
28      ngx_strlow(h->lowcase_key, h->key.data, h->key.len);
29 +    h->lowcase_key[h->key.len] = '\0';
30  
31 +    if (!ngx_strcmp(h->lowcase_key, "host"))
32 +        return 1;
33
34      h->hash = ngx_hash_key(h->lowcase_key, h->key.len);
35  
36      cmcf = ngx_http_get_module_main_conf(r, ngx_http_core_module);
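Review bot: The added `h->lowcase_key[h->key.len] = '\0';` writes one byte past the lowered key unless the buffer was sized `h->key.len + 1`; it is allocated above this hunk and not visible here. If it holds exactly `h->key.len` bytes, this is a one-byte pool overflow on every request header, with the length controlled by the client. The same write is added in the hunk at -755 in ngx_http_modsecurity_save_headers_out_visitor. A length-bounded comparison needs no terminator at all: `if (h->key.len == sizeof("host") - 1 && ngx_strncmp(h->lowcase_key, "host", h->key.len) == 0) {`. The visitor's body starts and ends outside this hunk, so the allocation size should be confirmed against the full function.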
37 @@ -737,8 +748,10 @@ ngx_http_modsecurity_save_headers_out_vi
38      ngx_table_elt_t                *h, he;
39      ngx_http_upstream_header_t     *hh;
40      ngx_http_upstream_main_conf_t  *umcf;
41 +    ngx_table_elt_t                *tmp_header;
42  
43      umcf = ngx_http_get_module_main_conf(r, ngx_http_upstream_module);
44 +    ngx_http_modsecurity_loc_conf_t *conf = ngx_http_get_module_loc_conf(r, ngx_http_modsecurity);
45  
46      h = &he;
47  
48 @@ -755,6 +768,19 @@ ngx_http_modsecurity_save_headers_out_vi
49  
50      ngx_strlow(h->lowcase_key, h->key.data, h->key.len);
51  
52 +    if (conf->x_headers) {
53 +        h->lowcase_key[h->key.len] = '\0';
54 +        if (h->lowcase_key[0] == 'x' &&
55 +            h->lowcase_key[1] == '-') {
56 +
57 +            tmp_header = ngx_list_push(&r->headers_out.headers);
58 +            tmp_header->key = h->key;
59 +            tmp_header->value = h->value;
60 +            tmp_header->hash = 1;
61 +            return 1;
62 +        }
63 +    }
64 +
65      h->hash = ngx_hash_key(h->lowcase_key, h->key.len);
66  
67      hh = ngx_hash_find(&umcf->headers_in_hash, h->hash,
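Review bot: The result of `ngx_list_push(&r->headers_out.headers)` is dereferenced on the next line without a NULL check, so an allocation failure becomes a NULL pointer write in the worker process. Add `if (tmp_header == NULL) { return 0; }` before the assignments, assuming 0 is this visitor's failure return, which the hunk does not show. The `x-` prefix test also depends on the terminator written at `h->lowcase_key[h->key.len]`; testing `h->key.len >= 2` first would make that write unnecessary. Only `key`, `value` and `hash` are set on the pushed element, so its `lowcase_key` stays unset; assign `tmp_header->lowcase_key = h->lowcase_key;` if any later filter reads it. The function begins and ends outside this hunk.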
68 @@ -810,6 +836,7 @@ ngx_http_modsecurity_create_loc_conf(ngx
69  
70      conf->config = NGX_CONF_UNSET_PTR;
71      conf->enable = NGX_CONF_UNSET;
72 +    conf->x_headers = NGX_CONF_UNSET;
73  
74      return conf;
75  }
76 @@ -823,6 +850,7 @@ ngx_http_modsecurity_merge_loc_conf(ngx_
77      ngx_http_modsecurity_loc_conf_t  *conf = child;
78  
79      ngx_conf_merge_value(conf->enable, prev->enable, 0);
80 +    ngx_conf_merge_value(conf->x_headers, prev->x_headers, 0);
81      ngx_conf_merge_ptr_value(conf->config, prev->config, NULL);
82  
83      if (conf->enable && conf->config == NULL) {