Body in GET or HEAD Rquest

Question

Why the following request is as HTTP Protocol Compliance Failed: Body in GET or HEAD&nbsp;
GET /xyzweb/maintenancePage/maintenance.html HTTP/1.1
Accept: /
Content-Type: text/plain;charset=UTF-8
X-TS-AJAX-Request: true
Referer: https://www.testing.com/ib/index.htmlfavoriteBillPayment/create/view
Accept-Language: ar-sa
User-Agent: Mozilla/5.0 (compatible; MSIE 10.0; Windows NT 6.2; Trident/6.0)
Host: 
DNT: 1
Connection: Keep-Alive
Cookie: Cookie...........&nbsp;

samstep · Answer

You didn't copy-paste the full request here. I suspect that there is an additional line break character or some other extra characters in this GET after the header which is being treated like a body. &nbsp;
The User-Agent looks a bit suspicions as well - who uses IE10 on Windows 8 these days??? Microsoft stopped supporting IE10 in February 2016... So this might actually be an attack - looks like it is hitting your maintenance page, so this might give you a clue&nbsp;

samstep_81205 · Answer

You didn't copy-paste the full request here. I suspect that there is an additional line break character or some other extra characters in this GET after the header which is being treated like a body. &nbsp;
The User-Agent looks a bit suspicions as well - who uses IE10 on Windows 8 these days??? Microsoft stopped supporting IE10 in February 2016... So this might actually be an attack - looks like it is hitting your maintenance page, so this might give you a clue&nbsp;

msz · Answer

Hi,
I knew this page. It appears when it desired.
I only remove the cookie else all is complete.&nbsp;
YES the MSIE. It might be the cause.&nbsp;
Note: Only a couple of requests arrived when we push this page.&nbsp;

msz · Answer

Some of the requests are MSIE 10.0 but why the following one:
GET /xyzweb/123Page/abcd.html HTTP/1.1
Accept: /
Content-Type: text/plain;charset=UTF-8
X-TS-AJAX-Request: true
Referer: https://www.testingsite.com/xyz/login.html?reason=logout
Accept-Language: en-US
User-Agent: Mozilla/4.0 (compatxyzle; MSIE 7.0; Windows NT 6.1; WOW64; Trident/7.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0; .NET4.0C; .NET4.0E; InfoPath.3)
Host: 
Connection: Keep-Alive
Cookie: JSESSIONID=00010JT2NSVMC3iAJAHi9nBLDQK:182vmdn0i; Cookie=!/0S/GuMqz5bo7WBzV/xrZLpowLooIKTuyRjQ+RMKygKQ/9K4Iv8RSympA5S/AVsdzjBdKztuyrHqaw==; TS01ebdb18=0199a2d53bf8cdbe5a589aac57dff90616968ffdd8c766c880a284db9f36c98d141e5f719a9792faf9126cc767783c637bdeb27357a858bcefa2a0b6eeb23c93b336aa0af8175220e922c248933ced65b248d6468e4a0069a9ba4b830940c0152858aee0aa; _ga=GA1.1.409432284.1505379269; preferredlanguage=en; loginid=; _gid=GA1.1.98417713.1531995769; dtPC=196018638_391h8; dtSa=false|C|8|OK|extjs^c e3.4.1.1|1532062325145|196018638_391|https://www.testingsite.com/xyz/login.html?reason=logout|xyz company|1531996023510|; ___tk28101=0.030359965681181156; dtLatC=8; dtCookie=8D866BE196FA8E5344559EB579D6AC4B|Uml5YWRPbmxpbmV8MQ&nbsp;

samstep · Answer

OK, so in your header it looks like there is an extra line break in encrypted cookie: Cookie=!/0S/GuMqz5bo7WBzV/xrZLpowLooIK...&nbsp;
everything after it might be  potentially treated as data&nbsp;

Forum Discussion

Body in GET or HEAD Rquest

Recent Discussions

F5 BIG-IP

BIG-IP Oauth Client and AS

How to Renew F5 Device Certificate

Use of SSL Decryption.

Big IP DNS Failover

Related Content

Wearables Head to Tail

Body in GET or HEAD requests

Rewrite the post operation with a body.

F5 Friday: Two Heads are Better Than One

TAP Partner Update: ‘Headed to NetApp Insight!’

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS