fix: fix bug with Host header not sent to ModSecurity for HTTP/2 requests
This commit is contained in:
parent
304664a9e9
commit
ceea98db38
1 changed files with 23 additions and 7 deletions
30
src/index.js
30
src/index.js
|
|
@ -421,15 +421,31 @@ module.exports = (req, res, logFacilities, config, next) => {
|
||||||
return processIntervention();
|
return processIntervention();
|
||||||
}
|
}
|
||||||
|
|
||||||
let key = null;
|
let headerIntervene = false;
|
||||||
req.rawHeaders.forEach((v) => {
|
Object.keys(req.headers).every((key) => {
|
||||||
if (key === null) {
|
if (typeof req.headers[key] == "string") {
|
||||||
key = v;
|
securityResponse = transaction.addResponseHeader(key, req.headers[key]);
|
||||||
} else {
|
if (typeof securityResponse === "object") {
|
||||||
transaction.addRequestHeader(key, v);
|
headerIntervene = true;
|
||||||
key = null;
|
return false;
|
||||||
}
|
}
|
||||||
|
} else if (Array.isArray(req.headers[key])) {
|
||||||
|
req.headers[key].every((value) => {
|
||||||
|
securityResponse = transaction.addResponseHeader(key, value);
|
||||||
|
if (typeof securityResponse === "object") {
|
||||||
|
headerIntervene = true;
|
||||||
|
return false;
|
||||||
|
}
|
||||||
|
return true;
|
||||||
});
|
});
|
||||||
|
if (headerIntervene) return false;
|
||||||
|
}
|
||||||
|
return true;
|
||||||
|
});
|
||||||
|
|
||||||
|
if (headerIntervene) {
|
||||||
|
return processIntervention();
|
||||||
|
}
|
||||||
|
|
||||||
securityResponse = transaction.processRequestHeaders();
|
securityResponse = transaction.processRequestHeaders();
|
||||||
if (typeof securityResponse === "object") {
|
if (typeof securityResponse === "object") {
|
||||||
|
|
|
||||||
Loading…
Reference in a new issue