Bug ID 697636: ACCESS is not replacing headers while replacing POST body

Last Modified: May 29, 2024

Affected Product(s):
BIG-IP APM(all modules)

Known Affected Versions:
13.0.0, 13.0.0 HF1, 13.0.0 HF2, 13.0.0 HF3, 13.1.0,,,

Fixed In:
14.0.0,, 13.0.1

Opened: Dec 05, 2017

Severity: 3-Major


If the first request for a session is a POST, APM will save the POST to replay after the policy completes. When the POST is restored after policy completion and released to the backend, the headers are the same as the most recent client request, not the original POST. In particular, the Content-Length header will not match the original POST.


Backend servers may complain of an incomplete HTTP POST due to a mismatching Content-Length header.


First request for the session is a POST.



Fix Information

Now, the system takes all headers from the original POST, except the Authorization header that Kerberos RBA needs, which is taken from the most recent client request.

Behavior Change

Guides & references

K10134038: F5 Bug Tracker Filter Names and Tips