Bug ID 710044: Portal Access: same-origin AJAX request may fail in some case.

Last Modified: Nov 07, 2022

Bug Tracker

Affected Product:  See more info
BIG-IP APM(all modules)

Known Affected Versions:
12.1.0, 12.1.0 HF1, 12.1.0 HF2, 12.1.1, 12.1.1 HF1, 12.1.1 HF2, 12.1.2, 12.1.2 HF1, 12.1.2 HF2, 12.1.3, 12.1.3.1, 12.1.3.2, 12.1.3.3, 12.1.3.4, 12.1.3.5, 12.1.3.6, 12.1.3.7, 12.1.4, 12.1.4.1, 12.1.5, 12.1.5.1, 12.1.5.2, 12.1.5.3, 12.1.6

Fixed In:
14.1.0

Opened: Mar 13, 2018
Severity: 3-Major

Symptoms

If base URL for current HTML page contains default port number, same-origin AJAX request from this page may fail via Portal Access.

Impact

Web application may not work correctly.

Conditions

- HTML page with explicit default port in base URL, for example: <base href='https://some.com:443/path/'> - Same-origin AJAX request from this page, for example: var xhr = new XMLHttpRequest; xhr.open('GET', 'some.file');

Workaround

It is possible to use iRule to remove default port number from encoded back-end host definition in Portal Access requests, for example: when RULE_INIT { # hex-encoded string for 'https://some.com' set ::encoded_backend {68747470733a2f2f736f6d652e636f6d} # '3a343433' is hex-encoded form for ':443' set ::pattern "/f5-w-${encoded_backend}3a343433\$" set ::remove_end [ expr { [ string length $::pattern ] - 2 } ] set ::remove_start [ expr {$::remove_end - 7} ] } when HTTP_REQUEST { if { [HTTP::path] starts_with "$::pattern" } { set path [ string replace [HTTP::path] $::remove_start $::remove_end "" ] HTTP::path "$path" } }

Fix Information

Now same-origin AJAX requests are handled correctly if URL contains default port number.

Behavior Change