Last Modified: Jan 06, 2023
Affected Product:
BIG-IP TMOS
Known Affected Versions:
15.0.0, 15.0.1, 15.0.1.1, 15.0.1.2, 15.0.1.3, 15.0.1.4, 15.1.0, 15.1.0.1, 15.1.0.2, 15.1.0.3, 15.1.0.4, 15.1.0.5, 15.1.1, 15.1.2, 15.1.2.1, 15.1.3, 15.1.3.1, 15.1.4, 15.1.4.1, 15.1.5, 15.1.5.1, 15.1.6, 15.1.6.1, 15.1.7, 15.1.8, 15.1.8.1, 16.0.0, 16.0.0.1, 16.0.1, 16.0.1.1, 16.0.1.2
Opened: Apr 17, 2020
Severity: 4-Minor
The 'Enforce RFC Compliance' object is added in the HTTP profile, but there is no corresponding section in the GUI Online Help.
GUI online help is not available for the configuration object.
1. Navigate to:
   Local Traffic :: Profiles : Services : HTTP :: New HTTP Profile...
   Local Traffic :: Profiles : Services : HTTP :: <http_profile_name>
2. View OLH for Enforcement section.

Enforce RFC Compliance is present in the GUI but not described in GUI OLH.
The online help should read as follows:

Enforce RFC Compliance
Enforces strict RFC compliance of HTTP requests. Malformed requests that do not conform to HTTP RFCs, such as those with both a Content-Length and Transfer-Encoding header, are rejected. The default is disabled, meaning that malformed requests are allowed.

You can find additional information in K50375550: A specifically crafted HTTP request may lead the BIG-IP system to pass malformed HTTP requests to a target pool member web server (HTTP Desync Attack) :: https://support.f5.com/csp/article/K50375550.
None
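The framing rule named in the help text above (a request carrying both a Content-Length and a Transfer-Encoding header), written out as an added Python example; it is not F5 code and does not reproduce BIG-IP's actual checks. It also flags conflicting Content-Length values, which goes beyond the one case the text names; the function names and sample requests are constructed for illustration.

```python
# Added example: an illustrative body-framing check, not BIG-IP's implementation.

def parse_head(raw: bytes):
    """Split a raw HTTP/1.x request into (request_line, [(name, value), ...])."""
    head = raw.split(b"\r\n\r\n", 1)[0].decode("latin-1")
    lines = head.split("\r\n")
    headers = []
    for line in lines[1:]:
        name, sep, value = line.partition(":")
        if not sep:
            raise ValueError(f"header line without a colon: {line!r}")
        headers.append((name, value.strip()))
    return lines[0], headers


def framing_violations(raw: bytes):
    """Return the reasons a request's body length is ambiguous (empty list if none)."""
    _, headers = parse_head(raw)
    # Header names are case-insensitive, so normalise before matching.
    lengths = [v for n, v in headers if n.strip().lower() == "content-length"]
    encodings = [v for n, v in headers if n.strip().lower() == "transfer-encoding"]
    reasons = []
    if lengths and encodings:
        reasons.append("both Content-Length and Transfer-Encoding present")
    if len(set(lengths)) > 1:
        reasons.append("conflicting Content-Length values")
    return reasons


# Constructed sample requests (hypothetical host and path).
SAMPLES = {
    "plain_post": b"POST /submit HTTP/1.1\r\nHost: app.example\r\n"
                  b"Content-Length: 5\r\n\r\nhello",
    "both_headers": b"POST /submit HTTP/1.1\r\nHost: app.example\r\n"
                    b"Content-Length: 5\r\ntransfer-encoding: chunked\r\n\r\n"
                    b"5\r\nhello\r\n0\r\n\r\n",
    "two_lengths": b"POST /submit HTTP/1.1\r\nHost: app.example\r\n"
                   b"Content-Length: 5\r\nContent-Length: 9\r\n\r\nhello",
}

if __name__ == "__main__":
    for label, request in SAMPLES.items():
        verdict = framing_violations(request)
        print(label, "->", "reject: " + "; ".join(verdict) if verdict else "accept")
```

A proxy and a back-end server that resolve these cases differently disagree on where one request ends and the next begins, which is why a strict front end rejects such requests instead of forwarding them.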