Bug ID 1366445: [CORS] "Replace with" and "Remove header" CORS functionalities does not work

Last Modified: Jul 24, 2024

Affected Product(s):
BIG-IP ASM(all modules)

Fixed In:
16.1.5

Opened: Oct 04, 2023

Severity: 2-Critical

Symptoms

"Replace with" and "Remove header" CORS functionalities do not work

Impact

The request is blocked with "VIOL_CROSS_ORIGIN_REQUEST" violation

Conditions

-- Allow CORS Enabled "Replace headers" Or "Remove headers" enabled with Header 'AAA' -- Disallowed header 'AAA' in request sent

Workaround

None

Fix Information

The request passes with no violations.

Behavior Change

Guides & references

K10134038: F5 Bug Tracker Filter Names and Tips