Bug ID 900593: New HTTP profile object 'Enforce RFC Compliance' is missing in GUI Online Help

Last Modified: Jul 23, 2021

Bug Tracker

Affected Product:  See more info
BIG-IP TMOS(all modules)

Known Affected Versions:
15.0.0, 15.0.1, 15.0.1.1, 15.0.1.2, 15.0.1.3, 15.0.1.4, 15.1.0, 15.1.0.1, 15.1.0.2, 15.1.0.3, 15.1.0.4, 15.1.0.5, 15.1.1, 15.1.2, 15.1.2.1, 15.1.3, 15.1.3.1, 16.0.0, 16.0.0.1, 16.0.1, 16.0.1.1, 16.0.1.2

Opened: Apr 17, 2020
Severity: 4-Minor

Symptoms

'Enforce RFC Compliance' object is added in HTTP profile but there is no corresponding section in the GUI Online Help.

Impact

GUI online help is not available for the configuration object.

Conditions

1. Navigate to Local Traffic :: Profiles : Services : HTTP :: New HTTP Profile... Local Traffic :: Profiles : Services : HTTP :: <http_profile_name> 2. View OLH for Enforcement section. Enforce RFC Compliance is present in the GUI but not described in GUI OLH.

Workaround

The online help should read as follows: Enforce RFC Compliance Enforces strict RFC compliance of HTTP requests. Malformed requests that do not conform to HTTP RFCs, such as those with both a Content-Length and Transfer-Encoding header, are rejected. The default is disabled, meaning that malformed requests are allowed. You can find additional information in K50375550: A specifically crafted HTTP request may lead the BIG-IP system to pass malformed HTTP requests to a target pool member web server (HTTP Desync Attack) :: https://support.f5.com/csp/article/K50375550.

Fix Information

None

Behavior Change