Bug ID 1382141: Query string gets stripped when bot defense redirects request via Location header, with versions that have the fix for ID890169

Last Modified: May 29, 2024

Affected Product(s):
BIG-IP ASM, Install/Upgrade(all modules)

Known Affected Versions:
15.1.10, 15.1.10.2, 15.1.10.3, 15.1.10.4, 16.0.0, 16.0.0.1, 16.0.1, 16.0.1.1, 16.0.1.2, 16.1.0, 16.1.1, 16.1.2, 16.1.2.1, 16.1.2.2, 16.1.3, 16.1.3.1, 16.1.3.2, 16.1.3.3, 16.1.3.4, 16.1.3.5, 16.1.4, 16.1.4.1, 16.1.4.2, 16.1.4.3, 17.0.0, 17.0.0.1, 17.0.0.2, 17.1.0, 17.1.0.1, 17.1.0.2, 17.1.0.3, 17.1.1, 17.1.1.1, 17.1.1.2, 17.1.1.3

Opened: Oct 20, 2023

Severity: 3-Major

Symptoms

The query parameter is missing in the Location header, after upgrading to BIG-IP to the versions that have the fix for ID890169, with a redirect challenge. This can cause 307 redirect requests from the BIG-IP system.

Impact

Dropping query string results in an unrecognized resource request to the server.

Conditions

The bot profile is attached to the virtual server.

Workaround

None

Fix Information

None

Behavior Change

Guides & references

K10134038: F5 Bug Tracker Filter Names and Tips