diff --git a/CHANGES b/CHANGES index c963574..fbd8976 100644 --- a/CHANGES +++ b/CHANGES @@ -1,6 +1,8 @@ v1.0.x - YYYY-MMM-DD (To be released) ------------------------------------- + - Fix client_body_in_file_only config setting not respected + [Issue #187 - @martinhsv] - Fix audit_log not generated for disruptive actions [Issue #170, #2220, #2237 - @victorhora] - Exit more gracefully if uri length is zero diff --git a/src/ngx_http_modsecurity_pre_access.c b/src/ngx_http_modsecurity_pre_access.c index e072460..05f659b 100644 --- a/src/ngx_http_modsecurity_pre_access.c +++ b/src/ngx_http_modsecurity_pre_access.c @@ -94,17 +94,6 @@ ngx_http_modsecurity_pre_access_handler(ngx_http_request_t *r) dd("asking for the request body, if any. Count: %d", r->main->count); - /** - * TODO: Check if there is any benefit to use request_body_in_single_buf set to 1. - * - * saw some module using this request_body_in_single_buf - * but not sure what exactly it does, same for the others options below. - * - * r->request_body_in_single_buf = 1; - */ - r->request_body_in_single_buf = 1; - r->request_body_in_persistent_file = 1; - r->request_body_in_clean_file = 1; rc = ngx_http_read_client_request_body(r, ngx_http_modsecurity_request_read);