Mar 27, 2026 - For details about updated CVE-2025-53521 (BIG-IP APM vulnerability), refer to K000156741.

Forum Discussion

Ronnie_Munoz's avatar
Ronnie_Munoz
Icon for Nimbostratus rankNimbostratus
Nov 02, 2020

Special character not functioning in LTM policy rule

I have a URL that contains /? in the address. When the URL is visited in a browser it functions as expected and the page loads. When its used as a redirect location in an LTM policy the page will n...
application delivery
LTM
Simon_Blakely's avatar
Simon_Blakely
Icon for Employee rankEmployee
Nov 02, 2020

Try specifying ? as %3F.

 

Also, is the ? actually required?

In the RFC, ? delimits the URI path/file and the query parameters.

So

/test/

and

/test/?

should be functionally equivalent, as the second just specifies the same path with an empty parameter string.

 

But (of course) YMMV depending on the compliance of the specific server ...

  • Ronnie_Munoz's avatar
    Ronnie_Munoz
    Icon for Nimbostratus rankNimbostratus
    Nov 02, 2020

    Thanks for that suggestion. I tried changing it and the page still won't load correctly. The user requesting the redirect states the ? and the rest of the URL are required for Google Analytics. The full URI is actually /?utm_source=Posters&utm_medium=print&utm_campaign=Poster-Rackcards

    • Simon_Blakely's avatar
      Simon_Blakely
      Icon for Employee rankEmployee
      Nov 02, 2020

      What version of LTM?

      On 15.x, the displayed rule shows the escape character in the rule but the Location header is correct in the reply.

      Can you test with a curl request that triggers the redirect:

      curl -kv http://host.name.site/

      Have you checked using the Browser developer tools (F12, network) to view the request/response?

      Can you post the policy rule?