Bug ID 1087005: Application charset may be ignored when using Bot Defense Browser Verification

Last Modified: Jan 06, 2023

Bug Tracker

Affected Product:  See more info
BIG-IP ASM(all modules)

Known Affected Versions:
15.1.0, 15.1.0.1, 15.1.0.2, 15.1.0.3, 15.1.0.4, 15.1.0.5, 15.1.1, 15.1.2, 15.1.2.1, 15.1.3, 15.1.3.1, 15.1.4, 15.1.4.1, 15.1.5, 15.1.5.1, 15.1.6, 15.1.6.1, 15.1.7, 15.1.8, 15.1.8.1

Opened: Mar 15, 2022
Severity: 3-Major

Symptoms

In some cases, when using Bot Defense Browser Verification, the application <meta charset> tag may be ignored.

Impact

Random meta chars are viewed in the web page.

Conditions

-- Bot Defense Profile is attached to a virtual server. -- Bot Defense "Browser Verification" is configured to "Verify Before Access" or "Verify After Access" -- Backend application uses non-standard charset.

Workaround

Run the command: tmsh modify sys db dosl7.parse_html_inject_tags value "after,body"

Fix Information

None

Behavior Change

Have a question?

About F5

Education

F5 sites

Support Tasks

© F5, Inc. All rights reserved. Policies | Privacy | Trademarks