Bug ID 478492: Incorrect handling of HTML entities in attribute values

Last Modified: Nov 07, 2022

Bug Tracker

Affected Product:  See more info
BIG-IP APM(all modules)

Known Affected Versions:
11.4.1, 11.5.1, 11.5.1 HF1, 11.5.1 HF10, 11.5.1 HF11, 11.5.1 HF2, 11.5.1 HF3, 11.5.1 HF4, 11.5.1 HF5, 11.5.1 HF6, 11.5.1 HF7, 11.5.1 HF8, 11.5.1 HF9, 11.5.10, 11.5.2, 11.5.2 HF1, 11.5.3, 11.5.3 HF1, 11.6.0, 11.6.0 HF1, 11.6.0 HF2, 11.6.0 HF3, 11.6.0 HF4, 11.6.0 HF5

Fixed In:
12.0.0, 11.6.0 HF6, 11.5.3 HF2

Opened: Sep 09, 2014
Severity: 3-Major
Related Article:
K17476

Symptoms

If an HTML tag attribute contains HTML entities inside its value, this value may not be processed correctly by Portal Access.

Impact

Web application may not work correctly.

Conditions

For example, if a form action begins with '/' instead of '/', it will be rewritten although absolute action path should be left untouched. This leads to incorrect behavior of this web application.

Workaround

This issue has no workaround at this time.

Fix Information

Now HTML tag attributes with HTML entities inside their values are processed correctly.

Behavior Change