Last Modified: Dec 05, 2024
Affected Product(s):
BIG-IP TMOS
Known Affected Versions:
17.1.0, 17.1.0.1, 17.1.0.2, 17.1.0.3, 17.1.1, 17.1.1.1, 17.1.1.2, 17.1.1.3, 17.1.1.4
Fixed In:
17.1.2
Opened: Apr 28, 2023 Severity: 3-Major
Request with a cross-origin violation, raises a violation when the violation is not enabled.
Although the violation "Illegal cross-origin request" is disabled, still the violation is raised.
- URL configured with enable staging and "CORS Enforcement" - Violation "Illegal cross-origin request" is disabled - Send a request with an illegal cross-origin header to that URL
None
The violation "Illegal cross-origin request" is now raised only when it is enabled.