Bug ID 747136: CSRF fires Javascript error in IE7 or IE11 Compatibility View to IE7

Last Modified: May 23, 2019

Bug Tracker

Affected Product:  See more info
BIG-IP ASM(all modules)

Known Affected Versions:
13.1.0, 13.1.0.1, 13.1.0.2, 13.1.0.3, 13.1.0.4, 13.1.0.5, 13.1.0.6, 13.1.0.7, 13.1.0.8, 13.1.1, 13.1.1.1, 13.1.1.2, 13.1.1.3, 13.1.1.4, 13.1.1.5

Fixed In:
15.0.0

Opened: Oct 18, 2018
Severity: 3-Major

Symptoms

When csrf enabled in asm policy, it fires javascript errors in IE7

Impact

csrf doesn't work in IE7, POST requests being sent from IE7 will be blocked.

Conditions

- ASM provisioned - ASM policy attached to a virtual - ASM csrf protection configured - An HTML page accessed via IE7 or IE11 Compatibility View to IE7

Workaround

Disable CSRF protection in asm policy

Fix Information

csrf code is fixed and now have basic support for IE7

Behavior Change