Forum Discussion

Nimbostratus

Jan 17, 2023

ASM: Apostroph (0x27) char in header value

Hi, we see HTTP requests comming in where the User-Agent header ist delimited by an apostroph (0x27 ASCII). The ASM flags this as a violation and suggests me to allow that char. As far as I unterst...

security

Juergen_Mang

MVP

Jan 17, 2023

It depends on:

if you want to allow the client, you must disable this protection
else ignore the suggestion

There are some browsers, mostly from smartphones, that violates the rfc's and sends non-ascii characters in headers.

Help guide the future of your DevCentral Community!

What tools do you use to collaborate? (1min - anonymous)

F5 Container Ingress Services (CIS) and using k8s traffic policies to send traffic directly to pods

Community Articles

application delivery

CIS

container ingress services

devops

Gateway Fabric

F5 Architecture Track Sessions - AppWorld 2026

DevCentral News

announcement

Appworld2026

Recent Discussions

Under Attack? F5 Will Help You.
Contacting F5 Support?

DevCentral Quicklinks

* Getting Started on DevCentral
* Community Guidelines
* Community Terms of Use / EULA
* Community Ranking Explained
* Community Resources
* Contact the DevCentral Team
* Update MFA on account.f5.com

Discover DevCentral Connects

* Podcasts
* Social Channels
* Video Streaming

GitHub Awesome-F5

F5 is upgrading its customer support chat feature on My.F5.com. Chat support will be unavailable from 6am-10am PST on 1/20/26. Refer to K000159584 for details.

Forum Discussion

ASM: Apostroph (0x27) char in header value

F5 Container Ingress Services (CIS) and using k8s traffic policies to send traffic directly to pods

F5 Architecture Track Sessions - AppWorld 2026

Recent Discussions

Service discovery is not happening in AS3

Load balanced RDP VIP use in APM

Deleting an AS3 Tenant

Request for Bug Tracker/Known Issues – BIG-IP Version 17.5.1.2

AST Configuration Assistance

Related Content

Strict header Insertion

(HTTP) Redirection via Arbitrary Host Header

Log Http Headers

F5 XC Distributed Cloud HTTP Header/Cookie manipulations and using the client ip/user headers

Security Headers Insertion

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS