Bug ID 697636: ACCESS is not replacing headers while replacing POST body

Last Modified: May 14, 2019

Bug Tracker

Affected Product:  See more info
BIG-IP APM(all modules)

Known Affected Versions:
13.0.0, 13.0.0 HF1, 13.0.0 HF2, 13.0.0 HF3, 13.1.0, 13.1.0.1, 13.1.0.2, 13.1.0.3

Fixed In:
14.0.0, 13.1.0.4, 13.0.1

Opened: Dec 05, 2017
Severity: 3-Major

Symptoms

If the first request for a session is a POST, APM will save the POST to replay after the policy completes. When the POST is restored after policy completion and released to the backend, the headers are the same as the most recent client request, not the original POST. In particular, the Content-Length header will not match the original POST.

Impact

Backend servers may complain of an incomplete HTTP POST due to a mismatching Content-Length header.

Conditions

First request for the session is a POST.

Workaround

None.

Fix Information

Now, the system takes all headers from the original POST, except the Authorization header that Kerberos RBA needs, which is taken from the most recent client request.

Behavior Change