lua_need_request_body on; header_filter_by_lua_block { local ct = ngx.header.content_type or "" if ct:lower():find("^text/html") then ngx.ctx.is_html = true else ngx.ctx.is_html = false end } body_filter_by_lua_block { -- only apply further processing if this is an HTML response if not ngx.ctx.is_html then return end -- initialize or reuse the buffer ngx.ctx.buf = ngx.ctx.buf or {} local chunk, eof = ngx.arg[1], ngx.arg[2] if chunk ~= "" then table.insert(ngx.ctx.buf, chunk) end if not eof then -- drop intermediate chunks; we’ll emit only on eof ngx.arg[1] = nil return end -- on eof: concatenate all buffered chunks local whole = table.concat(ngx.ctx.buf) ngx.ctx.buf = nil -- clear buffer -- remove html CSP, due to management via infinito nexus policies whole = whole:gsub( ']-http%-equiv=["\']Content%-Security%-Policy["\'][^>]->%s*', '' ) -- build a list of head-injection snippets local head_snippets = {} {% for head_feature in ['css', 'matomo', 'port-ui-desktop', 'javascript', 'logout' ] %} {% if applications | get_app_conf(application_id, 'features.' ~ head_feature, false) | bool %} head_snippets[#head_snippets + 1] = [=[ {%- include "roles/srv-web-7-7-inj-" ~ head_feature ~ "/templates/head_sub.j2" -%} ]=] {% endif %} {% endfor %} -- inject all collected snippets right before local head_payload = table.concat(head_snippets, "\n") .. "" whole = string.gsub(whole, "", head_payload) -- build a list of body-injection snippets local body_snippets = {} {% for body_feature in ['matomo', 'logout', 'port-ui-desktop'] %} {% if applications | get_app_conf(application_id, 'features.' ~ body_feature, false) | bool %} body_snippets[#body_snippets + 1] = [=[ {%- include "roles/srv-web-7-7-inj-" ~ body_feature ~ "/templates/body_sub.j2" -%} ]=] {% endif %} {% endfor %} -- inject all collected snippets right before local body_payload = table.concat(body_snippets, "\n") .. "" whole = string.gsub(whole, "", body_payload) -- finally send the modified HTML out ngx.arg[1] = whole }