On Mon, Sep 14, 2009 at 21:39, Ivan Ristic wrote:
> There's an incompatibility between ModSecurity and mod_deflate, which
> I would like to fix it. (It is triggered when AddOutputFilterByType is
> used.) I basically need to ensure that ModSecurity's output filter
> runs before mod_deflate's in all cases. I am aware of mod_filter
> (which I suspect should be able to deal with this situation), but I
> prefer a solution that does not require further work on the part of
> ModSecurity users.
It depends. If module X registers its output filter in, for example,
the post-config hook, you can register your own hook and have it run
before module X's like so:
const char *runAfterUs = { "mod_x.c", NULL };
ap_hook_post_config(your_post_config_hook, NULL, runAfterUs, HOOK_MIDDLE);
If however the module registers its output filter during the 'register
hooks' phase like mod_deflate does, your best bet is to register your
own filter and manipulate the ap_filter_rec_t structure (which is
essentially a linked list) so that your filter comes before
mod_deflate's.
It's not entirely according to the book but it should be a fairly
robust solution. ap_filter_rec_t lives in util_filter, which is part
of the module API, and isn't a opaque structure so I don't foresee it
changing anytime soon.
This is, of course, to the best of my knowledge. I'm not aware of a
better way, but if there is, I'd also like to hear it. =)
