Bug ID 726852: AVR inject CSPM event when there is no analytics profile on the virtual server

Last Modified: Nov 07, 2022

Affected Product(s):
BIG-IP ASM, AVR(all modules)

Known Affected Versions:
14.0.0, 14.0.0.1, 14.0.0.2, 14.0.0.3, 14.0.0.4

Fixed In:
14.1.0, 14.0.0.5

Opened: Jul 05, 2018

Severity: 3-Major

Symptoms

When there is a request for page load time in the analytics profile, and changes to the configuration remove the analytics profile, AVR will continue to inject the Client Side Performance Monitoring (CSPM) cookie.

Impact

Page-load-time cookie is injected when it should not be.

Conditions

-- Request for page-load-time statistic. -- The analytics profile has been removed from the virtual server.

Workaround

Uncheck the page-load-time checkbox before removing the profile from the virtual server.

Fix Information

AVR now injects CSPM cookie only when it needed.

Behavior Change

Guides & references

K10134038: F5 Bug Tracker Filter Names and Tips

Have a question?

About F5

Education

F5 sites

Support Tasks

© F5, Inc. All rights reserved. Policies | Privacy | Trademarks