Bug ID 484053: ASM JavaScripts are not injected or they are injected to the wrong place

Last Modified: Sep 13, 2023

Affected Product(s):
BIG-IP ASM(all modules)

Known Affected Versions:
11.5.1, 11.5.2, 11.5.3, 11.5.4, 11.5.5, 11.5.6, 11.5.7, 11.5.8, 11.5.9, 11.5.10, 11.6.0, 11.6.1, 11.6.2, 11.6.3,,,,, 11.6.4, 11.6.5,,,, 12.1.0 HF1, 12.1.0 HF2, 12.1.1 HF1, 12.1.1 HF2, 12.1.2 HF1, 12.1.2 HF2

Fixed In:

Opened: Oct 13, 2014

Severity: 3-Major

Related Article: K73515314


ASM JavaScripts (such as CSRF or CSHUI) are not injected, or they are injected in the wrong place in the code.


Page fails to load, application broken, or the script does not function.


A feature with JavaScript injection is configured and there is an apostrophe or quotation marks in the response page.


This issue has no workaround at this time.

Fix Information

We improved the way ASM parses responses so that it can better detect where to inject JavaScript when there are quotation marks or apostrophes.

Behavior Change

Guides & references

K10134038: F5 Bug Tracker Filter Names and Tips