Bug ID 442313: Content length header leading whitespaces should not be counted as digits

Last Modified: May 14, 2019

Bug Tracker

Affected Product:  See more info
BIG-IP ASM(all modules)

Known Affected Versions:
11.2.1, 11.3.0, 11.4.0, 11.4.1, 11.5.0, 11.5.1, 11.5.1 HF1, 11.5.1 HF10, 11.5.1 HF11, 11.5.1 HF2, 11.5.1 HF3, 11.5.1 HF4, 11.5.1 HF5, 11.5.1 HF6, 11.5.1 HF7, 11.5.1 HF8, 11.5.1 HF9, 11.5.2, 11.5.2 HF1, 11.5.3, 11.5.3 HF1, 11.5.3 HF2

Fixed In:
11.6.0, 11.5.4, 11.5.0 HF1, 11.4.1 HF4, 11.4.0 HF6, 11.3.0 HF9

Opened: Jan 07, 2014
Severity: 3-Major

Symptoms

A customer has reported that they are seeing a non-trivial number of requests blocked with "HTTP Protocol compliance failed - Unparsable content length".

Impact

False positive of blocked requests upon content length headers with leading whitespaces.

Conditions

The customer has a proxy before ASM that adds whitespaces before the content-length.

Workaround

N/A

Fix Information

The system no longer blocks content length headers with leading whitespaces, because it is legal. The system used to issue the "HTTP protocol compliance failed" sub-violation: "Unparsable request content".

Behavior Change