Operational Defect Database
BugZero found this defect 328 days ago.
Data sources
All data on this page is proprietary to BugZero® or gathered from public sources
F5 | 1292645
False positive CORS violation can occur after upgrading to 17.1.x under certain conditions
Last update date:
5/3/2024
Affected products:
BIG-IP
BIG-IP ASM
BIG-IP Install/Upgrade
Affected releases:
No affected releases provided.
Fixed releases:
17.1.1
Description:
Bug ID 1292645: False positive CORS violation can occur after upgrading to 17.1.x under certain conditions ... Last Modified: May 03, 2024 ... CORS violation can start appearing after upgrading to 17.1.x. ... Impact ... Requests with HTTPS protocol can get blocked with CORS violation. ... 1) CORS violation is enabled. ... 2) CORS configuration is done with port 80 on a particular URL. ... Change configured CORS port to 443 for URLs that receive HTTPS traffic. ... Fix Information ... Added a new bd internal variable "cors_default_port_80" which can be used to allow HTTPS traffic with CORS port configured as 80. ... Behavior Change
