modsecurity: remove body filter

Origin response is trusted and any modsecurity inteventions do not work
anyway.

Author: pracj3am

config

@@ -112,7 +112,6 @@ if test -n "$ngx_module_link"; then
 	ngx_module_srcs="$ngx_addon_dir/src/ngx_http_modsecurity_module.c \
             $ngx_addon_dir/src/ngx_http_modsecurity_pre_access.c \
             $ngx_addon_dir/src/ngx_http_modsecurity_header_filter.c \
-            $ngx_addon_dir/src/ngx_http_modsecurity_body_filter.c \
             $ngx_addon_dir/src/ngx_http_modsecurity_log.c \
             $ngx_addon_dir/src/ngx_http_modsecurity_rewrite.c \
             "
@@ -143,7 +142,6 @@ else
 	    $ngx_addon_dir/src/ngx_http_modsecurity_module.c \
 	    $ngx_addon_dir/src/ngx_http_modsecurity_pre_access.c \
 	    $ngx_addon_dir/src/ngx_http_modsecurity_header_filter.c \
-	    $ngx_addon_dir/src/ngx_http_modsecurity_body_filter.c \
 	    $ngx_addon_dir/src/ngx_http_modsecurity_log.c \
 	    $ngx_addon_dir/src/ngx_http_modsecurity_rewrite.c \
 	    "

src/ngx_http_modsecurity_body_filter.c

@@ -122,10 +122,6 @@ ngx_pool_t *ngx_http_modsecurity_pcre_malloc_init(ngx_pool_t *pool);
 void ngx_http_modsecurity_pcre_malloc_done(ngx_pool_t *old_pool);
 #endif
 
-/* ngx_http_modsecurity_body_filter.c */
-void ngx_http_modsecurity_body_filter_init(void);
-ngx_int_t ngx_http_modsecurity_body_filter(ngx_http_request_t *r, ngx_chain_t *in);
-
 /* ngx_http_modsecurity_header_filter.c */
 void ngx_http_modsecurity_header_filter_init(void);
 

src/ngx_http_modsecurity_common.h

@@ -353,13 +353,6 @@ ngx_http_modsecurity_header_filter(ngx_http_request_t *r)
         return ngx_http_next_header_filter(r);
     }
 
-    /*
-     * Lets ask nginx to keep the response body in memory
-     *
-     * FIXME: I don't see a reason to keep it `1' when SecResponseBody is disabled.
-     */
-    r->filter_need_in_memory = 1;
-
     ctx->processed = 1;
     /*
      *
@@ -437,25 +430,5 @@ ngx_http_modsecurity_header_filter(ngx_http_request_t *r)
         return ngx_http_filter_finalize_request(r, &ngx_http_modsecurity_module, ret);
     }
 
-    /*
-     * Proxies will not like this... but it is necessary to unset
-     * the content length in order to manipulate the content of
-     * response body in ModSecurity.
-     *
-     * This header may arrive at the client before ModSecurity had
-     * a change to make any modification. That is why it is necessary
-     * to set this to -1 here.
-     *
-     * We need to have some kind of flag the decide if ModSecurity
-     * will make a modification or not. If not, keep the content and
-     * make the proxy servers happy.
-     *
-     */
-
-    /*
-     * The line below is commented to make the spdy test to work
-     */
-     //r->headers_out.content_length_n = -1;
-
     return ngx_http_next_header_filter(r);
 }

src/ngx_http_modsecurity_header_filter.c

@@ -555,7 +555,6 @@ ngx_http_modsecurity_init(ngx_conf_t *cf)
     *h = ngx_http_modsecurity_log_handler;
 
     ngx_http_modsecurity_header_filter_init();
-    ngx_http_modsecurity_body_filter_init();
 
     return NGX_OK;
 }