Bug ID 624085: IE11 on Win10 after Anniversary update may break APM session

Last Modified: Mar 21, 2019

Bug Tracker

Affected Product:  See more info
BIG-IP APM(all modules)

Known Affected Versions:
11.6.0, 11.6.0 HF1, 11.6.0 HF2, 11.6.0 HF3, 11.6.0 HF4, 11.6.0 HF5, 11.6.0 HF6, 11.6.0 HF7, 11.6.0 HF8, 11.6.1, 11.6.1 HF1, 11.6.1 HF2, 11.6.2, 11.6.2 HF1, 11.6.3, 11.6.3.1, 11.6.3.2, 11.6.3.3, 11.6.3.4, 11.6.4, 12.0.0, 12.0.0 HF1, 12.0.0 HF2, 12.0.0 HF3, 12.0.0 HF4, 12.1.0, 12.1.0 HF1, 12.1.0 HF2, 12.1.1, 12.1.1 HF1, 12.1.1 HF2, 12.1.2, 12.1.2 HF1, 12.1.2 HF2, 12.1.3, 12.1.3.1, 12.1.3.2, 12.1.3.3, 12.1.3.4, 12.1.3.5, 12.1.3.6, 12.1.3.7, 12.1.4, 13.0.0, 13.0.0 HF1, 13.0.0 HF2, 13.0.0 HF3, 13.0.1, 13.1.0, 13.1.0.1, 13.1.0.2, 13.1.0.3, 13.1.0.4, 13.1.0.5, 13.1.0.6, 13.1.0.7, 13.1.0.8, 13.1.1, 13.1.1.1, 13.1.1.2, 13.1.1.3, 13.1.1.4, 14.0.0, 14.0.0.1, 14.0.0.2, 14.0.0.3, 14.0.0.4

Opened: Oct 20, 2016
Severity: 3-Major
Related AskF5 Article:
K25471169

Symptoms

Internet Explorer version 11 on Windows version 10 Anniversary update does not send session cookie when retrieving shortcut icons. For example: <link rel="shortcut icon" href="fav_resource.ico" type="image/x-icon"> This may break APM session. This behavior is described in Microsoft issue (https://developer.microsoft.com/en-us/microsoft-edge/platform/issues/8748123/).

Impact

Web Application might not work via APM.

Conditions

- Windows version 10 Anniversary update. - Internet Explorer version 11. - Any Web application with "shortcut icon" resource.

Workaround

It is possible to use iRule to send HTTP 404 response to such requests and to delete incorrect APM session; for example: when ACCESS_SESSION_STARTED { if { [HTTP::method] equals "GET" and ( [HTTP::path] ends_with ".ico" or [HTTP::path] ends_with ".ico?F5CH=I" ) and [HTTP::header "User-Agent"] contains "Trident/7.0; rv:11.0" }{ ACCESS::session remove HTTP::respond 404 } }

Fix Information

None

Behavior Change