Trying to understand request body handling.

Dk Jack dnj0496 at gmail.com
Fri Jul 26 21:11:26 UTC 2019


Hi,
Could someone respond to my question. Is it even possible to implement a
module that meets my requirements (which I listed in my earlier post). Any
response is greatly appreciated. Thanks.


On Wed, Jul 24, 2019 at 11:07 PM Dk Jack <dnj0496 at gmail.com> wrote:

> Hi,
> In my module I have the following requirements:
>
> - Inspect the contents of the POST body in the request
> - If the body content matches the configured regex, then take one of the
> following actions:
>   - Return forbidden
>   - Redirect to another location without using 302
> - If the content doesn't match the configured regex, then simply forward
> the request to proxy_pass destination.
>
> I used 'ngx_http_read_client_request_body'function accumulate the body
> contents inspect it. I invoked this function from a pre-access handler. My
> request body handler callback gets called and I am able to inspect the body
> and I am able to take the actions I have mentioned above.
>
> However, it is not working completely as I expected. For example, when I
> return forbidden after body inspection, my client is receiving the
> forbidden message and the status code I've setup. However, the request
> seems to also get forwarded to the origin. In the error.log, I see 'header
> already sent while reading response from upstream' message. I see a similar
> issue when redirecting. The request is getting sent to origin server as
> well as the server I redirected to after inspection. Which leads me to
> believe that the request is being forwarded based on the proxy_pass rule
> while my module is still accumulating the body i.e before my body_complete
> handler is called. Is my understanding correct? If so, is there a way to
> stall the forwarding of the request till my module has completed the
> inspection? Is there something in the request I need to set in the earlier
> phases when I doing this sort of thing?
>
> I also modified my module to use body filters as described in
> https://nginx.org/en/docs/dev/development_guide.html#http_body_filters to
> see if it'd help my cause. However, I can't seem to get redirect working
> after inspecting the body. Any suggestions on the correct approach to
> solving my issues while adhering to requirements. Any help is greatly
> appreciated. Thanks.
>
> regards,
> Dk.
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mailman.nginx.org/pipermail/nginx-devel/attachments/20190726/b8b6ccf5/attachment.html>


More information about the nginx-devel mailing list