Body in GET or HEAD Rquest

Question

Why the following request is as HTTP Protocol Compliance Failed: Body in GET or HEAD&nbsp;
GET /xyzweb/maintenancePage/maintenance.html HTTP/1.1
Accept: /
Content-Type: text/plain;charset=UTF-8
X-TS-AJAX-Request: true
Referer: https://www.testing.com/ib/index.htmlfavoriteBillPayment/create/view
Accept-Language: ar-sa
User-Agent: Mozilla/5.0 (compatible; MSIE 10.0; Windows NT 6.2; Trident/6.0)
Host: 
DNT: 1
Connection: Keep-Alive
Cookie: Cookie...........&nbsp;

samstep · Answer

You didn't copy-paste the full request here. I suspect that there is an additional line break character or some other extra characters in this GET after the header which is being treated like a body. &nbsp;
The User-Agent looks a bit suspicions as well - who uses IE10 on Windows 8 these days??? Microsoft stopped supporting IE10 in February 2016... So this might actually be an attack - looks like it is hitting your maintenance page, so this might give you a clue&nbsp;

samstep_81205 · Answer

You didn't copy-paste the full request here. I suspect that there is an additional line break character or some other extra characters in this GET after the header which is being treated like a body. &nbsp;
The User-Agent looks a bit suspicions as well - who uses IE10 on Windows 8 these days??? Microsoft stopped supporting IE10 in February 2016... So this might actually be an attack - looks like it is hitting your maintenance page, so this might give you a clue&nbsp;

msz · Answer

Hi,
I knew this page. It appears when it desired.
I only remove the cookie else all is complete.&nbsp;
YES the MSIE. It might be the cause.&nbsp;
Note: Only a couple of requests arrived when we push this page.&nbsp;

msz · Answer

Some of the requests are MSIE 10.0 but why the following one:
GET /xyzweb/123Page/abcd.html HTTP/1.1
Accept: /
Content-Type: text/plain;charset=UTF-8
X-TS-AJAX-Request: true
Referer: https://www.testingsite.com/xyz/login.html?reason=logout
Accept-Language: en-US
User-Agent: Mozilla/4.0 (compatxyzle; MSIE 7.0; Windows NT 6.1; WOW64; Trident/7.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0; .NET4.0C; .NET4.0E; InfoPath.3)
Host: 
Connection: Keep-Alive
Cookie: JSESSIONID=00010JT2NSVMC3iAJAHi9nBLDQK:182vmdn0i; Cookie=!/0S/GuMqz5bo7WBzV/xrZLpowLooIKTuyRjQ+RMKygKQ/9K4Iv8RSympA5S/AVsdzjBdKztuyrHqaw==; TS01ebdb18=0199a2d53bf8cdbe5a589aac57dff90616968ffdd8c766c880a284db9f36c98d141e5f719a9792faf9126cc767783c637bdeb27357a858bcefa2a0b6eeb23c93b336aa0af8175220e922c248933ced65b248d6468e4a0069a9ba4b830940c0152858aee0aa; _ga=GA1.1.409432284.1505379269; preferredlanguage=en; loginid=; _gid=GA1.1.98417713.1531995769; dtPC=196018638_391h8; dtSa=false|C|8|OK|extjs^c e3.4.1.1|1532062325145|196018638_391|https://www.testingsite.com/xyz/login.html?reason=logout|xyz company|1531996023510|; ___tk28101=0.030359965681181156; dtLatC=8; dtCookie=8D866BE196FA8E5344559EB579D6AC4B|Uml5YWRPbmxpbmV8MQ&nbsp;

samstep · Answer

OK, so in your header it looks like there is an extra line break in encrypted cookie: Cookie=!/0S/GuMqz5bo7WBzV/xrZLpowLooIK...&nbsp;
everything after it might be  potentially treated as data&nbsp;

Forum Discussion

Body in GET or HEAD Rquest

6 Replies

F5 Architecture Track Sessions - AppWorld 2026

Recent Discussions

UCS Encryption Question

Unblock Request WAF

VIP is not responding on SYN after enabling other modules like ASM, APM and AFM.

VIP in https that redirect to another vip in https

BIG-IP VE: 40G Throughput from 4x10G physical NICs

Related Content

Wearables Head to Tail

Body in GET or HEAD requests

NGINX Plus Request body Rate Limit with the NJS module and javascript

F5 Friday: Two Heads are Better Than One

TAP Partner Update: ‘Headed to NetApp Insight!’

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS