Last Modified: Feb 28, 2025
Affected Product(s):
BIG-IP ASM
Known Affected Versions:
17.1.1.3, 17.1.1.4, 17.1.2, 17.1.2.1
Fixed In:
17.5.0
Opened: Aug 20, 2024 Severity: 3-Major
The websocket traffic request field contains junk characters that require attention.
The request field in logging is wrong
- Websocket logging with request field - The websocket connection uses compression - The compression uses context takeover, which increases subsequent frames' compression rate ( same data size but smaller frame length, thanks to context takeover ).
Disable websocket compression. For instance, disable WebSocket compression by removing the "Sec-WebSocket-Extensions" header from the upgrade request HTTP request. This can be achieved through available options, Websocket profile, ASM configuration, or an iRule.
Need to fix the code logic in the request field population.