Bug ID 781725: BIG-IP systems might not complete a short ICAP request with a body beyond the preview

Last Modified: Nov 07, 2022

Bug Tracker

Affected Product:  See more info
BIG-IP APM, LTM, PEM(all modules)

Known Affected Versions:
14.0.0, 14.0.0.1, 14.0.0.2, 14.0.0.3, 14.0.0.4, 14.0.0.5, 14.0.1, 14.0.1.1, 14.1.0, 14.1.0.1, 14.1.0.2, 14.1.0.3, 14.1.0.5, 14.1.0.6, 14.1.2, 14.1.2.1, 14.1.2.2, 14.1.2.3, 14.1.2.4, 15.0.0, 15.0.1, 15.0.1.1, 15.0.1.2, 15.0.1.3, 15.0.1.4

Fixed In:
15.1.0, 14.1.2.5

Opened: May 13, 2019
Severity: 2-Critical

Symptoms

An ICAP request (REQMOD or RESPMOD) body goes out to the ICAP server as far as a preview. If the server responds 100-continue, only a single chunk of the remaining payload might be sent to the server. Eventually the connection times out.

Impact

Only the first chunk of payload is sent after the preview, and eventually the connection times out.

Conditions

-- An ICAP profile is configured with a preview. -- The HTTP request or response to be modified has a body that is more than one chunk longer than the preview length, yet short enough to be completely buffered in BIG-IP system before the preview is sent to the ICAP server. -- The ICAP server responds with 100-continue.

Workaround

None.

Fix Information

The BIG-IP system now sends the complete ICAP request to the server, and the transaction completes normally.

Behavior Change