On Mon, Dec 15, 2008 at 11:30 AM, Ferdinand Arndt <[email protected]> wrote: > > On Dec 15, 2008, at 12:10 PM, Ivan Ristic wrote: > >> You can look at how ModSecurity (http://www.modsecurity.org) does it: >> you can read the request body and store it somewhere, then you insert >> and input filter that sends data from the buffer down the chain and >> removes itself from the chain once it's done. >> >> You can choose where you're reading the request body. In a pure-filter >> approach you will read it on the first invocation. Alternatively, you >> can read it in a hook, but store it somewhere where your filter will >> find it. In the latter case, the purpose of the filter will be only to >> pass on the data in your buffer. > > Ok, thank you, I'll have a look at it. So my inputfilter has to be executed > before any other input filter runs. > >> >> By the way, ModSecurity can already do what you're describing. > > Unfortunately, I have to perform also database lookups and use this data in > my regex, so I unfortunately have to do it by myself :(
Maybe. But, just FYI, it is trivial to extend ModSecurity with custom code (by writing another Apache module that makes itself known to ModSecurity, using the optional functions mechanism of Apache). There are some examples in the "api" subfolder. >> On Mon, Dec 15, 2008 at 11:04 AM, Ferdinand Arndt >> <[email protected]> wrote: >>> >>> Hi, >>> >>> I am trying to make a module that does the following: >>> >>> 1. Reading the request body >>> 2. Checking the data with some regex >>> 3. Setting some environment variables >>> >>> The environment variables are for later processing with mod_rewrite. >>> >>> My problem is, how to write the content of the request back to the chain, >>> so >>> that it can be used later again in other modules or can be forwared to >>> another server with mod_rewrite/mod_proxy. >>> >>> My first approach is to do it all in an input filter, but as far as I >>> understand it, the filter is only active, if I read the content in >>> another >>> hook outside the filter. So how can I read the data and write it back? >>> >>> /Regards, >>> >>> Ferdinand >>> >>> >>> >>> >>> >>> >> >> >> >> -- >> Ivan Ristic > > > > > > > -- Ivan Ristic
