Bug ID 1293829: The violation "Illegal cross-origin request" is raised when it is not enabled under learning-blocking settings

Last Modified: Dec 05, 2024

Affected Product(s):
BIG-IP TMOS(all modules)

Known Affected Versions:
17.1.0, 17.1.0.1, 17.1.0.2, 17.1.0.3, 17.1.1, 17.1.1.1, 17.1.1.2, 17.1.1.3, 17.1.1.4

Fixed In:
17.1.2

Opened: Apr 28, 2023

Severity: 3-Major

Symptoms

Request with a cross-origin violation, raises a violation when the violation is not enabled.

Impact

Although the violation "Illegal cross-origin request" is disabled, still the violation is raised.

Conditions

- URL configured with enable staging and "CORS Enforcement" - Violation "Illegal cross-origin request" is disabled - Send a request with an illegal cross-origin header to that URL

Workaround

None

Fix Information

The violation "Illegal cross-origin request" is now raised only when it is enabled.

Behavior Change

Guides & references

K10134038: F5 Bug Tracker Filter Names and Tips