Bug ID 1174873: Query string separators ? or / in MutiDomain or SAML use cases are incorrectly converted to "%3F" or "%2F"

Last Modified: Apr 28, 2025

Affected Product(s):
BIG-IP APM(all modules)

Known Affected Versions:
17.0.0.1

Fixed In:
17.1.0, 17.0.0.2, 16.1.3.3, 15.1.8.1, 14.1.5.3

Opened: Oct 17, 2022

Severity: 3-Major

Symptoms

In muti-domain Single Sign-On (SSO) or SAML Auth, the location header query string separator is converted from "?" to "%3F" or / to "%2F"

Impact

MultiDomain Auth or SAML Auth will fail

Conditions

- Create an access policy with a redirect to login page.

Workaround

None

Fix Information

A function that was used to normalize URLs was corrected.

Behavior Change

Guides & references

K10134038: F5 Bug Tracker Filter Names and Tips