Bug ID 1004793: If there is an additional CSRT token, it triggers a No Max Parameter Protocol Compliance violation .

Last Modified: Jul 24, 2024

Affected Product(s):
BIG-IP ASM(all modules)

Fixed In:
17.0.0, 16.1.5

Opened: Mar 23, 2021

Severity: 3-Major

Symptoms

No Max Parameter Protocol Compliance violation is triggered when the CSRF is enabled.

Impact

False-negative

Conditions

CSRF and Max Parameter Protocol Compliance violations are enabled.

Workaround

None

Fix Information

BIG-IP now checks to see if CSRF is enabled, and performs the necessary update on the internal data structure so that the enforcer can detect a Max Parameter Protocol Compliance violation.

Behavior Change

Guides & references

K10134038: F5 Bug Tracker Filter Names and Tips