Bug ID 756306: "Illegal parameter location" violation is reported for array parameter and for each item

Last Modified: Nov 07, 2022

Affected Product(s):
BIG-IP ASM(all modules)

Known Affected Versions:
15.0.0, 15.0.1,,,,

Fixed In:

Opened: Jan 23, 2019

Severity: 4-Minor


When OpenApi2 (Swagger) array parameter receives an illegal location, the violation is reported both for the array parameter, and for each element of array.


Excessive "illegal location" violations are reported in log.


- API security policy has an array parameter configured - The array parameter is sent in location different from expected



Fix Information

ASM code was fixed to report the "illegal location" violation only on the array parameter, not on each element.

Behavior Change

Guides & references

K10134038: F5 Bug Tracker Filter Names and Tips