Bug ID 628351: Redirect loops on URLs with Path Parameters when Proactive Bot Defense is enabled

Last Modified: Jun 04, 2019

Bug Tracker

Affected Product:  See more info
BIG-IP ASM(all modules)

Known Affected Versions:
12.1.0, 12.1.0 HF1, 12.1.0 HF2, 12.1.1, 12.1.1 HF1, 12.1.1 HF2, 12.1.2, 12.1.2 HF1, 12.1.2 HF2, 13.1.0, 13.1.0.1, 13.1.0.2, 13.1.0.3, 13.1.0.4, 13.1.0.5, 13.1.0.6, 13.1.0.7, 13.1.0.8, 13.1.1, 13.1.1.1, 13.1.1.2, 13.1.1.3, 13.1.1.4, 13.1.1.5, 14.0.0, 14.0.0.1, 14.0.0.2, 14.0.0.3, 14.0.0.4, 14.0.0.5

Fixed In:
13.0.0, 12.1.3

Opened: Nov 14, 2016
Severity: 3-Major

Symptoms

When Proactive Bot Defense is enabled, requests to URLs with Path Parameters (URLs containing a semicolon ;) may get stuck on a redirect loop. This typically applies to URLs which do not respond with HTML content or to URLs with low traffic.

Impact

Clients cannot access the web server, getting caught in an infinite redirect loop.

Conditions

-- Proactive Bot Defense is enabled. -- URLs use Path Parameters (containing the semicolon ; character).

Workaround

None.

Fix Information

Requests to URLs with ";" no longer get stuck in a redirect loop when Proactive Bot Defense is enabled.

Behavior Change