Bug ID 439321: Request to allow BOM for JSON in a middle of stream

Last Modified: Nov 07, 2022

Affected Product(s):
BIG-IP ASM(all modules)

Known Affected Versions:
11.2.0, 11.2.1, 11.3.0, 11.4.0, 11.4.1, 11.5.0, 11.5.1, 11.5.1 HF1, 11.5.1 HF10, 11.5.1 HF11, 11.5.1 HF2, 11.5.1 HF3, 11.5.1 HF4, 11.5.1 HF5, 11.5.1 HF6, 11.5.1 HF7, 11.5.1 HF8, 11.5.1 HF9, 11.5.10, 11.5.2, 11.5.2 HF1, 11.5.3, 11.5.3 HF1, 11.5.3 HF2, 11.5.4, 11.5.4 HF1, 11.5.4 HF2, 11.5.4 HF3, 11.5.4 HF4, 11.5.5, 11.5.6, 11.5.7, 11.5.8, 11.5.9

Fixed In:
11.6.0, 11.5.0 HF1, 11.4.0 HF6

Opened: Dec 01, 2013

Severity: 3-Major

Symptoms

ASM blocks the post JSON page when tried to submit the autoreply in OWA.

Impact

False blocking request.

Conditions

Sending post JSON page with BOM (Byte Order Mark).

Workaround

N/A

Fix Information

ASM now supports byte order mark (BOM) in the middle of JSON stream (ASM already supports BOM in the middle of XML stream). This can be used to avoid blocking or triggering a JSON violation. Use the internal parameter "allowBOMInXMLValue", not displayed in the Configuration utility, to turn on BOM support in the middle of JSON or XML stream. To do this, you must change the default value of "allowBOMInXMLValue" from 0 (off) to 1 (on).

Behavior Change

Guides & references

K10134038: F5 Bug Tracker Filter Names and Tips