I have started to write a module which goal is to act in a similar way to "mod_security" in Apache. To keep it short, it will provide applicative filtering, denying some requests if the module think they are evil or contains specific attack signatures. Nginx will be used as a reverse proxy here.
So far, I've managed to make a really basic module (based on ngx_http_access_module) that is able to allow or deny a request according to various (extremely simple) pattern matching. I have now to parse the uri, args and post data, to start the "real stuff". When I say "parse", I mean being able to cut down every argument (POST or GET), in order to be able to run regexp (or things like that) on both value and variable name. So this brings me to my question : - Is there, inside the ngx_http_request_t structure (or somewhere else), a "parsed" version of get/post args ? - If not, is there any module that is actually performing this kind of operation ?
PS: I've looked to the "ngx_http_variable_value_t *variables;" in the ngx_http_request struct, but it doesn't seem to be that ... On the other hand, some folks on the channel told me that the python interface is able to access those vars, so they must be somewhere ! ;)