Nice work Chris! One small note: the static namespace didn't exist in 9.x, so you could replace that with a local variable set in HTTP_REQUEST:
when HTTP_REQUEST {
Only check POST requests
if { [HTTP::method] eq "POST" } {
Default amount of request payload to collect (in bytes)
set collect_length 2048
Check for a non-existent Content-Length header
if {[HTTP::header Content-Length] eq ""}{
Use default collect length of 2k for POSTs without a Content-Length header
set collect_length $collect_length
} elseif {[HTTP::header Content-Length] == 0}{
Don't try collect a payload if there isn't one
unset collect_length
} elseif {[HTTP::header Content-Length] > $collect_length}{
Use default collect length
set collect_length $collect_length
} else {
Collect the actual payload length
set collect_length [HTTP::header Content-Length]
}
If the POST Content-Length isn't 0, collect (a portion of) the payload
if {[info exists collect_length]}{
Trigger collection of the request payload
HTTP::collect $collect_length
}
}
}
when HTTP_REQUEST_DATA {
if { [matchclass [HTTP::payload] contains dg_blocked] }{
HTTP::respond 403 "Blocked"
}
}
Aaron