Forum Discussion
Emil_T
Altostratus
Altostratusrepeated parameter name
i see the following event: repeated parameter name array[]. The f5 recognizes "array[]" as a multiple times parameters, but in fact it is an array that gets a different value each time it appears. ...
Lucas_Thompson
Employee
EmployeeFrom an HTTP perspective, repeating query parameters isn't illegal, so BIG-IP doesn't disallow it as a proxy.
From a Web App perspective, the behavior when handling multiple repeated query parameters isn't defined in any explicit way.
If this repeating-parameter behavior is breaking stuff and is caused by the app itself, you'll need to report the defect to the web app vendor.
If this repeating-parameter behavior is breaking stuff and is caused by middleware (BIG-IP, irules, or whatever), you'll have to figure out exactly where it's happening and use some kind of workaround.
- Emil_T
This repeating-parameter behavior is not breaking anything. In fact, according to the developers, it is a legitimate array that gets a different value each time it appears in the URL parameter. But the f5 recognizes this "array[]" as a multiple times parameters. It seems like the F5 detect a false positive
- Lucas_Thompson
OK. This makes sense.
In an ordinary situation, having multiple copies of a query parameter would be problematic because most web app frameworks parse them out to the app in the form of a list (key:value) pairs, so the app itself cannot usually detect if the HTTP query parameters are duplicated because it would only "see" one of them. It sounds like your app is actually designed to operate this way.
Since in your situation this is OK, you should disable this signature.
- Emil_T
Well yeh, that is always the easy way to go, but I'd like to understand why F5 detects a false positive in a allegedly valid RFC HTTP request
