How does Coraza handle streaming and chunked encoding?

[dspeg]

Does Coraza support inspecting request data in such requests/responses? Does Coraza buffer the requests/responses for inspection?

If yes, does Coraza support turning on/off the inspection?

I found some info for ModSecurity V2, SecStreamInBodyInspection

[jptosso]

Hey! Coraza is not designed to be only used as an inline proxy, that's why we decided not to provide access to the request and response buffers. In theory a Coraza implementation might take ownership of the buffer and bring it back to the web application, but still, we don't provide write access to it.