Bug ID 926929: RFC Compliance Enforcement lacks configuration availability

Last Modified: Feb 14, 2024

Affected Product(s):
BIG-IP LTM(all modules)

Known Affected Versions:
16.1.0, 16.0.1, 16.0.0,,

Fixed In:
16.1.0,,, 14.1.4, 13.1.4

Opened: Jul 14, 2020

Severity: 3-Major


Earlier versions contained fixes that enforce several RFC compliance items for HTTP request and response processing by BIG-IP systems. Enforcement for some of these items is unavoidable, but might cause issues for certain applications.


Some applications that require certain constructions after a header name may not function.


The configuration has a virtual server with an HTTP profile.



Fix Information

A configuration item has been introduced to manage RFC-compliance options. In releases 13.1.4, 14.1.4, and and in subsequent releases in those families, a global flag is used to control the enforcement: sys db tmm.http.rfc.allowwsheadername The possible values are "enabled" and "disabled"; the default is "enabled". In release 16.1.0 and subsequent releases, there are two per-profile options; these have been added to the Configuration Utility's configuration page for HTTP profiles, in the 'Enforcement' section: -- Enforce RFC Compliance -- Allow Space Header Name The following sample output shows how the RFC-compliance and whitespace-enforcement settings might appear in tmsh, if enabled: (tmos)# list ltm profile http http-wsheader ltm profile http http-wsheader { app-service none defaults-from http enforcement { allow-ws-header-name enabled rfc-compliance enabled } proxy-type reverse }

Behavior Change

Guides & references

K10134038: F5 Bug Tracker Filter Names and Tips