svrjs/modsecurity-integration
2
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

chore: update "modsecurity" npm package and remove bug workaround, since it's fixed in the package

Browse source
This commit is contained in:
Dorian Niemiec 2025-01-14 17:27:38 +01:00
parent 91164c4bfb
commit ca4558b8d5
3 changed files with 22 additions and 32 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

19
package-lock.json generated
View file

@ -9,7 +9,7 @@
"version": "0.0.0",
"hasInstallScript": true,
"dependencies": {
"modsecurity": "^0.0.2"
"modsecurity": "^0.0.3"
},
"devDependencies": {
"@commitlint/cli": "^19.6.1",
@ -6453,13 +6453,13 @@
}
},
"node_modules/modsecurity": {
"version": "0.0.2",
"resolved": "https://registry.npmjs.org/modsecurity/-/modsecurity-0.0.2.tgz",
"integrity": "sha512-TWfozIi3OrqN6qe6yH4FKD6pRt1d4ufV6whuSws3WY5McTOOZuvbrtCi9c8KQ2LoBl0WafZZ3UudyHmWP3BlIg==",
"version": "0.0.3",
"resolved": "https://registry.npmjs.org/modsecurity/-/modsecurity-0.0.3.tgz",
"integrity": "sha512-OenaShFmD9GW5jsEHT4gBW0NwOZAIm/ha62R5TP5qwH0+xTyawADMJ30WnJQ7d9cm+DcICpjtWWkXbwOTpLRQw==",
"hasInstallScript": true,
"dependencies": {
"bindings": "^1.5.0",
"node-addon-api": "^7.0.0"
"node-addon-api": "^8.0.0"
},
"engines": {
"node": "^10.20.0 || ^12.17.0 || >=14.0.0"
@ -6488,9 +6488,12 @@
"dev": true
},
"node_modules/node-addon-api": {
"version": "7.1.1",
"resolved": "https://registry.npmjs.org/node-addon-api/-/node-addon-api-7.1.1.tgz",
"integrity": "sha512-5m3bsyrjFWE1xf7nz7YXdN4udnVtXK6/Yfgn5qnahL6bCkf2yKt4k3nuTKAtT4r3IG8JNR2ncsIMdZuAzJjHQQ=="
"version": "8.3.0",
"resolved": "https://registry.npmjs.org/node-addon-api/-/node-addon-api-8.3.0.tgz",
"integrity": "sha512-8VOpLHFrOQlAH+qA0ZzuGRlALRA6/LVh8QJldbrC4DY0hXoMP0l4Acq8TzFC018HztWiRqyCEj2aTWY2UvnJUg==",
"engines": {
"node": "^18 || ^20 || >= 21"
}
},
"node_modules/node-int64": {
"version": "0.4.0",

2
package.json
View file

@ -36,7 +36,7 @@
"zip": "^1.2.0"
},
"dependencies": {
"modsecurity": "^0.0.2"
"modsecurity": "^0.0.3"
},
"config": {
"commitizen": {

33
src/index.js
View file

@ -79,11 +79,10 @@ module.exports = (req, res, logFacilities, config, next) => {
writtenStatusCode = statusCode;
let intervene = false;
Object.keys(writtenHeaders).forEach((key) => {
// There is a typo in "modsecurity" npm package C++ code that causes the value to be a header name when the value is not a buffer.
if (typeof writtenHeaders[key] == "string") {
securityResponse = transaction.addResponseHeader(
Buffer.from(key),
Buffer.from(writtenHeaders[key])
key,
writtenHeaders[key]
);
if (typeof securityResponse === "object") {
intervene = true;
@ -91,10 +90,7 @@ module.exports = (req, res, logFacilities, config, next) => {
}
} else if (Array.isArray(writtenHeaders[key])) {
writtenHeaders[key].forEach((value) => {
securityResponse = transaction.addResponseHeader(
Buffer.from(key),
Buffer.from(value)
);
securityResponse = transaction.addResponseHeader(key, value);
if (typeof securityResponse === "object") {
intervene = true;
return;
@ -148,11 +144,10 @@ module.exports = (req, res, logFacilities, config, next) => {
if (!headersSet) {
let intervene = false;
Object.keys(writtenHeaders).forEach((key) => {
// There is a typo in "modsecurity" npm package C++ code that causes the value to be a header name when the value is not a buffer.
if (typeof writtenHeaders[key] == "string") {
securityResponse = transaction.addResponseHeader(
Buffer.from(key),
Buffer.from(writtenHeaders[key])
key,
writtenHeaders[key]
);
if (typeof securityResponse === "object") {
intervene = true;
@ -160,10 +155,7 @@ module.exports = (req, res, logFacilities, config, next) => {
}
} else if (Array.isArray(writtenHeaders[key])) {
writtenHeaders[key].forEach((value) => {
securityResponse = transaction.addResponseHeader(
Buffer.from(key),
Buffer.from(value)
);
securityResponse = transaction.addResponseHeader(key, value);
if (typeof securityResponse === "object") {
intervene = true;
return;
@ -276,11 +268,10 @@ module.exports = (req, res, logFacilities, config, next) => {
if (!headersSet) {
let intervene = false;
Object.keys(writtenHeaders).forEach((key) => {
// There is a typo in "modsecurity" npm package C++ code that causes the value to be a header name when the value is not a buffer.
if (typeof writtenHeaders[key] == "string") {
securityResponse = transaction.addResponseHeader(
Buffer.from(key),
Buffer.from(writtenHeaders[key])
key,
writtenHeaders[key]
);
if (typeof securityResponse === "object") {
intervene = true;
@ -288,10 +279,7 @@ module.exports = (req, res, logFacilities, config, next) => {
}
} else if (Array.isArray(writtenHeaders[key])) {
writtenHeaders[key].forEach((value) => {
securityResponse = transaction.addResponseHeader(
Buffer.from(key),
Buffer.from(value)
);
securityResponse = transaction.addResponseHeader(key, value);
if (typeof securityResponse === "object") {
intervene = true;
return;
@ -432,8 +420,7 @@ module.exports = (req, res, logFacilities, config, next) => {
if (key === null) {
key = v;
} else {
// There is a typo in "modsecurity" npm package C++ code that causes the value to be a header name when the value is not a buffer.
transaction.addRequestHeader(Buffer.from(key), Buffer.from(v));
transaction.addRequestHeader(key, v);
key = null;
}
});