Bug ID 726852: AVR inject CSPM event when there is no analytics profile on the virtual server

Last Modified: May 14, 2019

Bug Tracker

Affected Product:  See more info
BIG-IP ASM, AVR(all modules)

Known Affected Versions:
14.0.0, 14.0.0.1, 14.0.0.2, 14.0.0.3, 14.0.0.4

Fixed In:
14.1.0

Opened: Jul 05, 2018
Severity: 3-Major

Symptoms

When there is a request for page load time in the analytics profile, and changes to the configuration remove the analytics profile, AVR will continue to inject the Client Side Performance Monitoring (CSPM) cookie.

Impact

Page-load-time cookie is injected when it should not be.

Conditions

-- Request for page-load-time statistic. -- The analytics profile has been removed from the virtual server.

Workaround

Uncheck the page-load-time checkbox before removing the profile from the virtual server.

Fix Information

AVR now injects CSPM cookie only when it needed.

Behavior Change