log response body - limithit/ModSecurity GitHub Wiki
Log all response body
Add a few lines
char s_response_body[2048];
const char *fmt_base = "%.*s";
snprintf((char*) s_response_body, sizeof(s_response_body), fmt_base,
chain->buf->last - data, data);
ngx_log_debug1(NGX_LOG_DEBUG_HTTP, r->connection->log, 0,
"http header_all3: \"%s\"", s_response_body);
ngx_http_modsecurity_body_filter.c
ngx_int_t
ngx_http_modsecurity_body_filter(ngx_http_request_t *r, ngx_chain_t *in)
{
.....
for (; chain != NULL; chain = chain->next)
{
u_char *data = chain->buf->pos;
int ret;
char s_response_body[2048];
const char *fmt_base = "%.*s";
snprintf((char*) s_response_body, sizeof(s_response_body), fmt_base,
chain->buf->last - data, data);
ngx_log_debug1(NGX_LOG_DEBUG_HTTP, r->connection->log, 0,
"http header_all3: \"%s\"", s_response_body);
msc_append_response_body(ctx->modsec_transaction, data, chain->buf->last - data);
ret = ngx_http_modsecurity_process_intervention(ctx->modsec_transaction, r, 0);
if (ret > 0) {
return ngx_http_filter_finalize_request(r,
&ngx_http_modsecurity_module, ret);
}
....
return ngx_http_next_body_filter(r, in);
}