logo       
<prev   next>

Re: Please help: How to Change / Remove HTTPresponse headers conditionally : msg#00122

apache.mod-security.user

Subject: Re: Please help: How to Change / Remove HTTPresponse headers conditionally based on request headers

 

I don’t think that ModSecurity can rewrite traffic for you. The @rx operator cannot take a replacement syntax and only a match syntax (i.e. no s/p1/p2/, only simple "@rx pattern")

 

~ Ofer

 

From: mod-security-users-bounces@xxxxxxxxxxxxxxxxxxxxx [mailto:mod-security-users-bounces@xxxxxxxxxxxxxxxxxxxxx] On Behalf Of Felix Faassen
Sent: Thursday, November 23, 2006 12:53 PM
To: mod-security-users@xxxxxxxxxxxxxxxxxxxxx
Subject: [mod-security-users] Please help: How to Change / Remove HTTPresponse headers conditionally based on request headers

 

Hi,

 

I would like to know if it's is possible to change/remove  HTTP response headers conditionally using mod_security.

 

For instance, if a "User-Agent" contains Mozilla*, remove HTTP header ContentLength

 

I've configured the following rules:

 

SecRule REQUEST_HEADERS "User Agent: Mozilla*" "log,phase:1,chain"
SecRule RESPONSE_HEADERS "@rx s/Content-Length://g" "log, phase:3" 

 

This does not seem to be working. Any tips and ideas are most welcome.

 

Cheers,

 

Felix Faassen

 

This e-mail message contains information which is confidential and may be privileged. It is intended for use by the addressee only. If you are not the intended addressee, we request that you notify the sender immediately and delete or destroy this e-mail message and any attachment(s), without copying, saving, forwarding, disclosing or using its contents in any other way. TomTom N.V., TomTom International BV or any other company belonging to the TomTom group of companies will not be liable for damage relating to the communication by e-mail of data, documents or any other information.

-------------------------------------------------------------------------
Take Surveys. Earn Cash. Influence the Future of IT
Join SourceForge.net's Techsay panel and you'll get the chance to share your
opinions on IT & business topics through brief surveys - and earn cash
http://www.techsay.com/default.php?page=join.php&p=sourceforge&CID=DEVDEV_______________________________________________
mod-security-users mailing list
mod-security-users@xxxxxxxxxxxxxxxxxxxxx
https://lists.sourceforge.net/lists/listinfo/mod-security-users
<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  Please help: How to Change / Remove HTTP response headers conditionally based on request headers: 00122, Felix Faassen
Next by Date:  Re: Please help: How to Change / Remove HTTPresponse headers conditionally based on request headers: 00122, Ryan Barnett
Previous by Thread:  Please help: How to Change / Remove HTTP response headers conditionally based on request headersi: 00122, Felix Faassen
Next by Thread:  Re: Please help: How to Change / Remove HTTPresponse headers conditionally based on request headers: 00122, Ryan Barnett
Indexes:  [Date] [Thread] [Top] [All Lists]

Google Custom Search
News | FAQ | advertise