Bug ID 1224409: Unable to set session variables of length >4080 using the -secure flag

Last Modified: Mar 30, 2024

Affected Product(s):
BIG-IP APM(all modules)

Known Affected Versions:
16.1.2,,, 16.1.3,,,,,

Fixed In:
17.1.1, 16.1.4, 15.1.10

Opened: Jan 13, 2023

Severity: 4-Minor


Secure Session Variables are limited to 4k length in the access filter, unable to set variables of length >4080 using the "ACCESS::session data set -secure". On trial an error "Operation not supported" gets raised in LTM.


Customers have the requirement of setting variables more than 6K in length, but due to internal limits imposed on the session variables they are unable to capture them in the session.


The limit imposed on the maximum URI in CL1416175 in 2015 restricts setting secure session variables greater than 4K in size.



Fix Information


Behavior Change

Guides & references

K10134038: F5 Bug Tracker Filter Names and Tips