Bug ID 893161: Internal request to volatile.html used for cookie transport in Portal Access is sometime rewritten

Last Modified: Jan 20, 2023

Bug Tracker

Affected Product:  See more info
BIG-IP APM(all modules)

Known Affected Versions:
13.0.0, 13.0.0 HF1, 13.0.0 HF2, 13.0.0 HF3, 13.0.1, 13.1.0, 13.1.0.1, 13.1.0.2, 13.1.0.3, 13.1.0.4, 13.1.0.5, 13.1.0.6, 13.1.0.7, 13.1.0.8, 13.1.1, 13.1.1.2, 13.1.1.3, 13.1.1.4, 13.1.1.5, 13.1.3, 13.1.3.1, 13.1.3.2, 13.1.3.3, 13.1.3.4, 13.1.3.5, 13.1.3.6, 13.1.4, 13.1.4.1, 13.1.5, 13.1.5.1, 14.0.0, 14.0.0.1, 14.0.0.2, 14.0.0.3, 14.0.0.4, 14.0.0.5, 14.0.1, 14.0.1.1, 14.1.0, 14.1.0.1, 14.1.0.2, 14.1.0.3, 14.1.0.5, 14.1.0.6, 14.1.2, 14.1.2.1, 14.1.2.2, 14.1.2.3, 14.1.2.4, 14.1.2.5, 14.1.2.6, 14.1.2.7, 14.1.2.8, 14.1.3, 14.1.3.1, 14.1.4, 14.1.4.1, 14.1.4.2, 14.1.4.3, 14.1.4.4, 14.1.4.5, 14.1.4.6, 14.1.5, 14.1.5.1, 14.1.5.2, 14.1.5.3, 15.0.0, 15.0.1, 15.0.1.1, 15.0.1.2, 15.0.1.3, 15.0.1.4, 15.1.0, 15.1.0.1, 15.1.0.2, 15.1.0.3, 15.1.0.4, 15.1.0.5, 15.1.1, 15.1.2, 15.1.2.1, 15.1.3, 15.1.3.1, 15.1.4, 15.1.4.1, 15.1.5, 15.1.5.1, 15.1.6, 15.1.6.1, 15.1.7, 15.1.8, 15.1.8.1, 16.0.0, 16.0.0.1, 16.0.1, 16.0.1.1, 16.0.1.2, 16.1.0, 16.1.1, 16.1.2, 16.1.2.1, 16.1.2.2, 16.1.3, 16.1.3.1, 16.1.3.2, 16.1.3.3

Opened: Mar 26, 2020
Severity: 4-Minor

Symptoms

Request to volatile.html gets rewritten which reaches the backend server causing error responses from backend server.

Impact

Error response from the back end server since volatile.html is internal to Portal Access

Conditions

Re-definition of XMLHttpREquest.prototype.open in the web application.

Workaround

Custom iRule, there is no generic irule but it can be implemented depending on the web application requirement. Sample iRule: XXXXX is web application path # # workaround for rewritten request for /volatile.html # (remove link to opener if opener is full webtop) # when REWRITE_REQUEST_DONE { if { [HTTP::path] ends_with "XXXXX" } { # log "URI=([HTTP::path])" # Found the file to modify REWRITE::post_process 1 set do_fix 1 } } when REWRITE_RESPONSE_DONE { if {[info exists do_fix]} { unset do_fix set str {if(typeof(F5_flush)!=='function')} set strt [string first $str [REWRITE::payload]] if {$strt > 0} { REWRITE::payload replace 0 $strlen { if (window.opener && window.opener.name === 'F5_Opener') window.opener=null; } } }

Fix Information

None

Behavior Change

Have a question?

About F5

Education

F5 sites

Support Tasks

© F5, Inc. All rights reserved. Policies | Privacy | Trademarks