Bug ID 747136: CSRF fires Javascript error in IE7 or IE11 Compatibility View to IE7

Last Modified: Jan 06, 2020

Bug Tracker

Affected Product:  See more info
BIG-IP ASM(all modules)

Known Affected Versions:
13.1.0, 13.1.0.1, 13.1.0.2, 13.1.0.3, 13.1.0.4, 13.1.0.5, 13.1.0.6, 13.1.0.7, 13.1.0.8, 13.1.1, 13.1.1.1, 13.1.1.2, 13.1.1.3, 13.1.1.4, 13.1.1.5, 13.1.3, 13.1.3.1, 13.1.3.2

Fixed In:
15.0.0

Opened: Oct 18, 2018
Severity: 3-Major

Symptoms

When csrf enabled in asm policy, it fires javascript errors in IE7

Impact

csrf doesn't work in IE7, POST requests being sent from IE7 will be blocked.

Conditions

- ASM provisioned - ASM policy attached to a virtual - ASM csrf protection configured - An HTML page accessed via IE7 or IE11 Compatibility View to IE7

Workaround

Disable CSRF protection in asm policy

Fix Information

csrf code is fixed and now have basic support for IE7

Behavior Change