Forum Discussion

Cirrus

Dec 11, 2018

Solved

ASM Transparent mode blocking CORS requests

Hello community, I would like to know if anyone have seen or had an issue with CORS (Cross-Origin Resource Sharing) and ASM, i have an problem with Javascript request that its been blocked by CO...

application delivery

ASM Advanced WAF

security

Alex_Nimo_26616
Dec 15, 2018
Hi Hugo,

Thanks for the update. I agree, this is unacceptable. Never encountered something like this with ASM and I have dealt with CORS many times before. You can play with the CORS configuration through ASM or with an irule, I think that this is what I will do.

Alex_Nimo_26616

Altocumulus

Dec 13, 2018

Stumbled upon very similar issue yesterday. When ASM is configured( simple profile ) even in transparent mode, users on mobile chrome receive CORS error on certain iframes. When ASM is disabled, everything works flawlessly. Need to verify if ASM is striping down the CORS headers...

rodolfosalgado_

Altostratus

Feb 20, 2019

I just had the same problem in my F5 BIG IP ASM 14.1.0.1. If I remove the WAF everything works flawless, I would expect at least the WAF in transparent mode to work but that isn't the case either...

Forum Discussion

ASM Transparent mode blocking CORS requests

Win Big in Vegas: The iRules Contest is back with $5k on the line at AppWorld 2026

Jürgen - February 2026 Featured Member

F5 Architecture Track Sessions - AppWorld 2026

Recent Discussions

Related Content

Transparent Load Balancing in Azure

Understanding F5's Transparent Mode vs Blocking Mode with a Focus on Geo-Blocking

Logging/Blocking possible prompt injection

Transparent load balancing in Azure, Part 2

iRules Recipe 2: Transparent Request Target Rewriting