On Jan 29, 2008 4:18 PM, Ryan Barnett <Ryan.Barnett@breach.com> wrote:

In the current version of ModSecurity, you can not edit/manipulate outbound data.

I'm new to ModSecurity, so please excuse me if I totally misunderstood. I previously asked a question on the list about CSRF protection mechanisms and Ivan Ristic responded that I could inject nonces into forms via ModSecurity, so I understood from that that you could manipulate outbound data. What am I missing?

- J

 The exception here is the new Content Injection actions in Mod 2.5, however that is for response body data and it can not manipulate response headers.


In order to do what you need, you will probably need to use mod_headers - http://httpd.apache.org/docs/2.2/mod/mod_headers.html#header


Ryan C. Barnett
ModSecurity Community Manager

Breach Security: Director of Training

Web Application Security Consortium (WASC) Member

CIS Apache Benchmark Project Lead


Author: Preventing Web Attacks with Apache


From: mod-security-users-bounces@lists.sourceforge.net [mailto:mod-security-users-bounces@lists.sourceforge.net] On Behalf Of J Amuse
Sent: Tuesday, January 29, 2008 8:50 AM
To: mod-security-users@lists.sourceforge.net
Subject: [mod-security-users] changing session token attributes


I want to create a rule to rewrite a cookie's attributes, i.e. add secure and HttpOnly flags and reset the path to a different directory. I figure I can use the RESPONSE_HEADERS variable, but I'm not sure how to go about creating a rule to rewrite content. Can someone point me to an example?

 - J