Last Modified: Oct 17, 2023
Affected Product(s):
BIG-IP FPS
Known Affected Versions:
11.6.0, 12.0.0, 12.0.0 HF1, 12.1.0 HF1, 12.0.0 HF2, 12.1.0 HF2, 12.1.1 HF1, 12.1.1 HF2, 12.1.2 HF1, 12.1.2 HF2
Fixed In:
12.1.0, 12.0.0 HF3, 11.6.1
Opened: Dec 20, 2015 Severity: 2-Critical
The "Missing component" checker looks only looks at referrer header path and not the domain name. The result is a false positive alert indicating the cookie is missing.
False positive missing component alerts when redirecting from other sites to a WebSafe protected site.
The referrer is coming from a different domain and the system is still performing component validation check.
Do not configure the same URL as a protected page.
The Missing Component check now looks at the referrer header path as well as the domain name. This prevents false-positive Missing Component alerts when redirecting from other sites to a WebSafe protected site.