Bug ID 915133: Single Page Application can break the page, when hooking is done by the end server application.

Last Modified: Jan 24, 2024

Affected Product(s):
BIG-IP ASM(all modules)

Known Affected Versions:
13.1.0,,,,,,,,, 13.1.1,,,,, 13.1.3,,,,,,, 13.1.4,, 13.1.5,, 14.0.0,,,,,, 14.0.1,, 14.1.0,,,,,, 14.1.2,,,,,,,,, 14.1.3,, 14.1.4,,,,,,, 14.1.5,,,,,, 15.0.0, 15.0.1,,,,, 15.1.0,,,,,, 15.1.1, 15.1.2,, 15.1.3,, 15.1.4,, 15.1.5,, 15.1.6,, 15.1.7, 15.1.8,,, 15.1.9,, 15.1.10,,, 16.0.0,, 16.0.1,,

Fixed In:

Opened: Jun 08, 2020

Severity: 4-Minor


When the end server application hooks some of the XHR callback functions (onload, onreadystate, send, open..), and a Single Page Application is used, the application page may malfunction.


Web page does not render properly. It might result in a blank page, missing functionality, etc.


This may occur when a server application hooks some XHR callbacks, and one of the following: -- Bot Defense Profile with 'Single Page Application' enabled and attached to the virtual server. -- ASM Policy with 'Single Page Application' enabled and a JS feature is attached to the virtual server. -- DoS Profile with Application Security and 'Single Page Application' enabled and is attached to the virtual server.


Run the command: tmsh modify sys db dosl7.parse_html_inject_tags value "after,body"

Fix Information


Behavior Change

Guides & references

K10134038: F5 Bug Tracker Filter Names and Tips