Bug ID 1068621: HTTP Response Headers Allowed are not compatible with access policies.

Last Modified: Jan 20, 2023

Bug Tracker

Affected Product:  See more info
BIG-IP APM(all modules)

Known Affected Versions:
15.1.0,,,,,, 15.1.1, 15.1.2,, 15.1.3,, 15.1.4,, 15.1.5,, 15.1.6,, 15.1.7, 15.1.8,, 16.1.0, 16.1.1, 16.1.2,,, 16.1.3,,,

Opened: Dec 17, 2021
Severity: 4-Minor


APM is not compatible with the HTTP Profile "Response Headers Allowed."


Many headers in 'HTTP response' will be stripped off from APD response and which leads to HTTP response validation failure.


A HTTP profile with "Response Headers Allowed" is attached to APM virtual server and access.


Include specific internal APM headers (e.g. APD_OAuthRedirect, APD_Result, APD_AgentName, APD_SID) in the "Response Headers Allowed" along with other related headers.

Fix Information


Behavior Change