Mar 27, 2026 - For details about updated CVE-2025-53521 (BIG-IP APM vulnerability), refer to K000156741.

Forum Discussion

T_Rajneesh's avatar
T_Rajneesh
Icon for Nimbostratus rankNimbostratus
Jul 03, 2019

iRule to disallow request Content-Length HTTP header from being sent by server

I have encountered the below error.   http_process_state_prepend - Invalid action:0x109010 Server sends too much data. serverside (10.10.10.10:80 -> 20.20.20.20:17587) clientside (149.126.75.14:1...
application delivery
irules
LTM
cjunior's avatar
cjunior
Icon for Nacreous rankNacreous
Jul 05, 2019

Hi,

I'm not sure but I think you must remove header on the response event, like this way:

when HTTP_RESPONSE {
    HTTP::header remove Content-Length
}

Unfortunately, I can't confirm if this is the best approach to solve the issue and remember to the notes from the article K42151600:

Impact of workaround: The impact of the suggested workarounds depends on the specific environment. F5 recommends testing any such changes during a maintenance window with consideration to the possible impact on your specific environment.

Note: The newly configured behavior is applied to new connections. Existing connections are not affected.

Regards.