Bug ID 756306: "Illegal parameter location" violation is reported for array parameter and for each item

Last Modified: Jul 24, 2020

Bug Tracker

Affected Product:  See more info
BIG-IP ASM(all modules)

Known Affected Versions:
15.0.0, 15.0.1, 15.0.1.1, 15.0.1.2, 15.0.1.3, 15.0.1.4

Fixed In:
16.0.0

Opened: Jan 23, 2019
Severity: 4-Minor

Symptoms

When OpenApi2 (Swagger) array parameter receives an illegal location, the violation is reported both for the array parameter, and for each element of array.

Impact

Excessive "illegal location" violations are reported in log.

Conditions

- API security policy has an array parameter configured - The array parameter is sent in location different from expected

Workaround

N/A

Fix Information

ASM code was fixed to report the "illegal location" violation only on the array parameter, not on each element.

Behavior Change