Bug ID 632532: The BIG-IP system should append the source IP address to the existing X-Forwarded-For header

Last Modified: Jul 12, 2023

Affected Product(s):
BIG-IP LTM(all modules)

Known Affected Versions:
13.0.0, 13.0.0 HF1, 13.0.0 HF2, 13.0.0 HF3, 13.0.1

Fixed In:
13.1.0

Opened: Dec 08, 2016

Severity: 3-Major

Related Article: K50499256

Symptoms

When an X-Forwarded-For entry is added, it should be appended to an existing HTTP header, rather than creating a new one. When detecting whether an IP address is within an X-Forwarded-For header, all such headers should be inspected.

Impact

In some cases, the handling of X-Forwarded-For HTTP headers may be incorrect.

Conditions

Functionality that either reads or writes to HTTP X-Forwarded-For headers is used. This may include features of the HTTP profile, the ASM module, or other modules.

Workaround

None.

Fix Information

The handling of reading or writing to HTTP X-Forwarded-For headers has been improved.

Behavior Change

Guides & references

K10134038: F5 Bug Tracker Filter Names and Tips