Forum Discussion

Vinne73's avatar
Vinne73
Icon for Cirrus rankCirrus
Nov 06, 2024

Invalid Content-Length header caused Big-IP to terminate connection?

Hi all, I updated our Big-IP cluster to 17.1.1.4 last monday, and now I have a strange problem. When doing a HTTP request to any VIP, using POST but just as well GET or ..., and specifying an invali...
  • Juergen_Mang's avatar
    Nov 06, 2024

    telnet 192.168.1.1 80
    Trying 192.168.1.1...
    Connected to 10.125.245.56.
    Escape character is '^]'.
    GET / HTTP/1.1
    Host: test
    Content-Length: abc
    Connection closed by foreign host.

     

    Same behavior in my environment. From which version do you upgrade?

    I think this behavior change was introduced with this bug fix:

    http://cdn.f5.com/product/bugtracker/ID1354253.html

     

    Yes I know invalid Content-Length headers are not ok, but clients should not be punished for it imo. And GET should not have Content-Length anyway, but then the Big-IP should just ignore it, right?

    Validating headers is essential for security, but it is bad that there is no logging entry.