Bug ID 1113881: Headers without a space after the colon trigger an HTTP RFC violation

Last Modified: Mar 26, 2023

Affected Product(s):
BIG-IP ASM(all modules)

Fixed In:
17.1.0

Opened: Jun 13, 2022

Severity: 3-Major

Symptoms

An "Unparsable request content" violation is detected for valid headers without a space after the headers name ':'

Impact

Requests that suppose to pass are blocked by ASM enforcer

Conditions

Any header without a space between the ':' and the header value will trigger "Unparsable request content"

Workaround

The client has to send headers with space after ':'

Fix Information

No "Unparsable request content" violation for headers with space after ':'

Behavior Change

Guides & references

K10134038: F5 Bug Tracker Filter Names and Tips

Have a question?

About F5

Education

F5 sites

Support Tasks

© F5, Inc. All rights reserved. Policies | Privacy | Trademarks