Bug ID 1224409: Unable to set session variables of length >4080 using the -secure flag

Last Modified: May 29, 2024

Affected Product(s):
BIG-IP APM(all modules)

Known Affected Versions:
16.1.2, 16.1.2.1, 16.1.2.2, 16.1.3, 16.1.3.1, 16.1.3.2, 16.1.3.3, 16.1.3.4, 16.1.3.5

Fixed In:
17.1.1, 16.1.4, 15.1.10

Opened: Jan 13, 2023

Severity: 4-Minor

Symptoms

Secure Session Variables are limited to 4k length in the access filter, unable to set variables of length >4080 using the "ACCESS::session data set -secure". On trial an error "Operation not supported" gets raised in LTM.

Impact

Customers have the requirement of setting variables more than 6K in length, but due to internal limits imposed on the session variables they are unable to capture them in the session.

Conditions

The limit imposed on the maximum URI in CL1416175 in 2015 restricts setting secure session variables greater than 4K in size.

Workaround

None

Fix Information

None

Behavior Change

Guides & references

K10134038: F5 Bug Tracker Filter Names and Tips