mod_security and "connection: close"

时间:2016-04-25 09:34:25

标签: php apache mod-security

We have an application which needs to close the connection and redirect to another page. This works fine with the following code:

header("Connection: close\r\n");
header("Content-Encoding: none\r\n");
ignore_user_abort(true);
ob_start();
$size = ob_get_length();
//Redirect
header("Location: $domain", true, 303);
header("Content-Length: $size");
ob_end_flush();
flush();

We use mod_security on the server, once it is activated it does not close the connection anymore. The audit log does not contain an entry.

Disabling mod_security or setting SecResponseBodyAccess to Off will re-enable the functionality.

Is there an option for mod_security or a PHP-way to leave SecResponseBodyAccess on and still be able to close an connection?

0 个答案:

没有答案