Explicitly copy request body into Apache structures for any mode.

Use the same helper that has been previously only called for detection-only mode when prevention mode is enabled. Signed-off-by: Vladimir Krivopalov <vlkrivop@microsoft.com>
microsoft · Mar 13, 2019 · 3fa2cac · 3fa2cac
1 parent e0795b9
commit 3fa2cac
Showing 1 changed file with 6 additions and 16 deletions.
diff --git a/iis/mymodule.cpp b/iis/mymodule.cpp
@@ -957,17 +957,6 @@ CMyHttpModule::OnBeginRequest(IHttpContext* httpContext, IHttpEventProvider* pro
 
         delete apppath;
         delete path;
-
-        if (config->config->is_enabled == MODSEC_DETECTION_ONLY)
-        {
-            modsecSetReadBody(nullptr);
-            modsecSetWriteBody(nullptr);
-        }
-        else
-        {
-            modsecSetReadBody(ReadBodyCallback);
-            modsecSetWriteBody(WriteBodyCallback);
-        }
     }
 
     ConnRecPtr connRec = MakeConnReq();
@@ -1218,13 +1207,14 @@ CMyHttpModule::OnBeginRequest(IHttpContext* httpContext, IHttpEventProvider* pro
 #endif
     c->remote_host = NULL;
 
+    hr = SaveRequestBodyToRequestRec(context);
+    if (FAILED(hr)) {
+        context->provider->SetErrorStatus(hr);
+        return RQ_NOTIFICATION_FINISH_REQUEST;
+    }
+
     if (config->config->is_enabled == MODSEC_DETECTION_ONLY)
     {
-        hr = SaveRequestBodyToRequestRec(context);
-        if (FAILED(hr)) {
-            context->provider->SetErrorStatus(hr);
-            return RQ_NOTIFICATION_FINISH_REQUEST;
-        }
         // We post the processing task to the thread pool to happen in the background.
         // We store the future to track and wait for this processing in case if we also
         // need to process the response because we need request processing to finish