V3/issue 1960

[airween]

Fixed #1960.

[airween]

Alternative solution to ignore the sent modification, and grab the intervention in each affected (disruptive) actions, eg:

    if (transaction->m_it.status == 200) {
        transaction->m_it.status = 403;
    }

replace this to

    if (transaction->getRuleEngineState() != RulesProperties::DetectionOnlyRuleEngine) {
        if (transaction->m_it.status == 200) {
            transaction->m_it.status = 403;
        }
    }

In this case, in the late phases the HTTP server response doesn't lost.

As I see, these actions are affected: deny, drop and may be the redirect.

Any idea?

[airween]

Argh... this error comes again and again...
https://travis-ci.org/SpiderLabs/ModSecurity/jobs/497221130#L98

Anyway, I think the patch works, wait @zimmerle's notices :)

[victorhora]

Hi @airween I've triggered a rebuild on Travis. Hopefully it will be good until we discuss how we should fix this one :)

In a related matter, I'm also curious why Travis is failing somewhat frequently. :/

[zimmerle]

This subject was under discussion on our Slack channel. @airween have addressed some of the comments and opened a new issue: #2032.

I am closing this in favor of #2031.