Forum Discussion

Altocumulus

Jul 26, 2018

HTTP headers in /tsbd/ /tspd/ fictive pages

Hi, In some circumstances (specific "checks") F5 ASM injecting javascript to server responses. These javascripts are situated on fictive urls, which are "hosted" on F5. i.e.:

.../tspd/...

.../tsbd/..

When client request these files, F5 response with javascript file.

Is it possible to set specific HTTP Headers in these responses (i.e. Strict-Transport-Security) ?

Thanks,

ASM Advanced WAF

iRules

security

1 Reply

rob_carr
Cirrocumulus
Jul 26, 2018
There is an iRule showing how to add HSTS here: Tightening the Security of HTTP Traffic Part 2 .

Help guide the future of your DevCentral Community!

What tools do you use to collaborate? (1min - anonymous)

F5 Architecture Track Sessions - AppWorld 2026

DevCentral News

announcement

Appworld2026

Recent Discussions

Under Attack? F5 Will Help You.
Contacting F5 Support?

DevCentral Quicklinks

* Getting Started on DevCentral
* Community Guidelines
* Community Terms of Use / EULA
* Community Ranking Explained
* Community Resources
* Contact the DevCentral Team
* Update MFA on account.f5.com

Discover DevCentral Connects

* Podcasts
* Social Channels
* Video Streaming

GitHub Awesome-F5

Forum Discussion

HTTP headers in /tsbd/ /tspd/ fictive pages

1 Reply

F5 Architecture Track Sessions - AppWorld 2026

Recent Discussions

Share what you learned on DevCentral in 2025

Failing over Virtual F5 VE to DR location using Zerto

Unblock Request WAF

TLS handshake failure from BIG-IP to backend – Fatal Alert: Decode Error (Server SSL)

Failing over of a Virtual F5 configuration to another location using Zerto restore process

Related Content

Strict header Insertion

(HTTP) Redirection via Arbitrary Host Header

Log Http Headers

F5 XC Distributed Cloud HTTP Header/Cookie manipulations and using the client ip/user headers

Security Headers Insertion

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS