Writing Owin component is really easy. Changing response's body content can be tricky.
Let's say you need to strip out confidential information from your http/https response before passing it to the client. Sounds pretty easy but tricky at the same time.
Key points to note is that :-
1. Must invoke the next owin component in the pipeline before reading response as string. (maybe that's obvious)
Try to use filter to control flow to your owin component. As you can see below, code 21, i running a check on Request.Path to prevent application to flow through (modifying anything in my Owin component).
2.When modifying content, you need to set context.Response.ContentType, StatusCode and ContentLength to the size of data you're trying to push across.
I used memorystream to channel my output to context.response.body
3. Must use code starting from Line 69 to copy content to context.Response.Body. Your owin pipeline can get pretty unable if you don't do this.
Full source for my implementation is given here.