Last Modified: Sep 13, 2023
Affected Product(s):
BIG-IP FPS
Fixed In:
12.1.2 HF1
Opened: Jan 02, 2017 Severity: 3-Major
WebSafe doesn't support parameters encryption in Single Page Applications (using AJAX)
Encryption won't work for Single Page Applications
Application uses AJAX for sending parameters to web server
N/A
Adding AJAX encryption support (full payload encryption) for 12.1.2-hf, enabling this feature requires: tmsh modify sys db antifraud.internalconfig.string1 value <AJAX-HEADER-NAME> AJAX-HEADER-NAME existence will enable AJAX support for current request and its value may contain the username used in current request (if configured and exists) Note that activating AJAX support in releases > 12.1.2-hf is done differently (configured in profile, not in db)