Bug ID 1084257: New HTTP RFC Compliance check in headers

Last Modified: May 29, 2024

Affected Product(s):
BIG-IP ASM(all modules)

Fixed In:
17.1.0, 17.0.0.1, 16.1.4, 15.1.7

Opened: Mar 01, 2022

Severity: 3-Major

Related Article: K11342432

Symptoms

ASM is not enforcing certain HTTP request header formatting.

Impact

Invalid requests according to HTTP RFC might pass through ASM enforcement.

Conditions

HTTP request with certain header formatting.

Workaround

None

Fix Information

"Unparsable request content" violation is reported when an HTTP request matching the condition is received.

Behavior Change

Guides & references

K10134038: F5 Bug Tracker Filter Names and Tips