I'm building a NGINX module with JavaScript, that read incoming requests and design whether to pass them to the proxy server, or to ignore them and return a "block.html" page as a response [kinda WAF].
The problem is when I try to access r.requestBody/r.requestText/r.requestBuffer
(all three ways should give me the whole request), the variable was undefined
.
Here are the JavaScript file (that for now has only "reading incoming messages" ability) and NGINX's configuration file:
waf.js
function main(r)
{
return "Request: " + r.requestText;
}
export default { main };
/etc/nginx/conf.d/default.conf
js_path "/etc/nginx/njs";
js_import waf.js;
js_set $return_value_of_main_func_in_waf waf.main;
log_format ret_val $return_value_of_main_func_in_waf;
server {
listen 80;
server_name localhost;
access_log /var/log/nginx/njs_output.log ret_val;
location / {
js_content waf.main;
}
location /block.html {
root /usr/share/nginx/html;
}
location @app-backend {
proxy_pass http://127.0.0.1:7777;
}
#error_page 404 /404.html;
# redirect server error pages to the static page /50x.html
#
error_page 500 502 503 504 /50x.html;
location = /50x.html {
root /usr/share/nginx/html;
}
}
njs_output.log
Request: undefined
Request: undefined
Request: undefined
Request: undefined
I tried to access other things in the r
variable, like r.rawHeadersIn
, and the output was fine:
Host,localhost,Connection,keep-alive,Cache-Control,max-age=0,sec-ch-ua,\x22Not?A_Brand\x22;v=\x228\x22, \x22Chromium\x22;v=\x22108\x22, \x22Google Chrome\x22;v=\x22108\x22,sec-ch-ua-mobile,?0,sec-ch-ua-platform,\x22Windows\x22,Upgrade-Insecure-Requests,1,User-Agent,Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.0.0 Safari/537.36,Accept,text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9,Sec-Fetch-Site,none,Sec-Fetch-Mode,navigate,Sec-Fetch-User,?1,Sec-Fetch-Dest,document,Accept-Encoding,gzip, deflate, br,Accept-Language,he-IL,he;q=0.9,en-US;q=0.8,en;q=0.7,Cookie,security_level=0; security=low; PHPSESSID=ruioabebdprspfihjst4vu66he; session=9603a1c6-1fe4-4f93-be1a-68ad6a5738ed.vsLXilN0X5P1XWLCWBveUL1PkW8
I found an issue on the njs repo for this exact problem. It had a link to a blog post where the solution was to use the mirror directive.
e.g.