Allow non-zero Content-Length for HEAD requests

Ramandeep · Felipe Zimmerle · commit 4c711cc8acaf · 2016-02-02T11:02:49.000-03:00
diff --git a/nginx/modsecurity/ngx_http_modsecurity.c b/nginx/modsecurity/ngx_http_modsecurity.c
@@ -1412,7 +1412,7 @@ ngx_http_modsecurity_body_filter(ngx_http_request_t *r, ngx_chain_t *in)
                    "ModSecurity: save headers out done: done");
 
 
-    if (r->headers_out.content_length_n != -1) {
+    if (r->headers_out.content_length_n != -1 && r->method != NGX_HTTP_HEAD) {
 
         r->headers_out.content_length_n = content_length;
         r->headers_out.content_length = NULL; /* header filter will set this */
