For more information regarding the security incident at F5, the actions we are taking to address it, and our ongoing efforts to protect our customers, click here.

Forum Discussion

Vinne73's avatar
Vinne73
Icon for Cirrus rankCirrus
Sep 25, 2018

Chrome prefetch breaks APM sessions?

Hi,   We use Big-IP APM as a SAML SP for Shibboleth IdP. Our APM Policy is nothing too fancy. It's a multi-domain SSO.   The problem: we see a lot of /my.logout.php3?errorcode=21 in /var/log/lt...
BIG-IP Access Policy Manager (APM)
devops
saml
Marc-André_Mig1's avatar
Marc-André_Mig1
Icon for Nimbostratus rankNimbostratus
Oct 05, 2018

When using the following CLI command "load sys config from-terminal merge" to copy the whole iRule with the code submitted by Stanislas, we got the following warning under build BIG-IP 12.1.3.6 Build 0.0.3 Point Release 6. This error is not caught under the configuration utility.

 

when ACCESS_SESSION_STARTED { if {[HTTP::header Purpose] equals "prefetch"} { ACCESS::respond 403 -version "1.1" noserver "Connection" "Close" ACCESS::session remove return } }

 

warning: [The following errors were not caught before. Please correct the script in order to avoid future disruption. "unexpected token(s): ' Connection Close'"1146 65][ACCESS::respond 403 -version "1.1" noserver "Connection" "Close"]

 

Should we be worries about it?