Last Modified: Nov 07, 2022
Affected Product:
See more info
BIG-IP LTM
Known Affected Versions:
14.1.0, 14.1.0.1, 14.1.0.2, 14.1.0.3, 14.1.0.5, 14.1.0.6, 14.1.2, 14.1.2.1, 14.1.2.2, 15.0.0, 15.0.1
Fixed In:
15.1.0, 15.0.1.1, 14.1.2.3
Opened: Aug 16, 2019
Severity: 3-Major
When HTTP response has neither Content-Length nor Transfer-Encoding and has a body, BIG-IP closes a connection to designate end of the response body. HTTP protocol allows to send HEAD request instead of GET request to obtain a response headers only (without). BIG-IP erroneously closes a connection when a response to HEAD request lacks both Content-Length and Transfer-Encoding.
Connection closes and a client may not repeat the corresponding GET request on another connection.
BIG-IP has a virtual server configured to use an HTTP profile. The server response does not include the Content-Length or Transfer-Encoding headers in response to a HEAD request, and both client and server sides expects the communication to continue over the same connection.
None
Connection keeps opened when an unsized response provided to a HEAD request.