For more information regarding the security incident at F5, the actions we are taking to address it, and our ongoing efforts to protect our customers, click here.

Forum Discussion

test_test_34865's avatar
test_test_34865
Icon for Nimbostratus rankNimbostratus
Jun 27, 2007

Firepass shows names of internal hosts

Hi everyone,

 

We had some problems with some JavaScripts and we pointed out one very awfull problem of Firepass.

 

 

Problem description.

 

- An web application that is in a protected domain (my-protected-domain.com) is accessed through a Firepass (my-firepass-server.com).

 

- A alert(window.location.href) is called from one of the HTML pages (see below example).

 

- The message displayed by the JavaScript is https://my-protected-domain.com/test.html instead of https://my-firepass-server.com/test.html.

 

 

Can anyone confirm this behaviour?

 

Is it a Firepass bug or do I made something wrong ?

 

 

Thank you in advance.

 

 

 

 

 

Untitled

 

 

 

 

 

BIG-IP Access Policy Manager (APM)
remote access
security
No RepliesBe the first to reply