Kemp Support, how can we help?

The latest application delivery knowledge and expertise at your fingertips.

WAF is Removing Headers to Real Server

 

Information

 

Summary:

WAF was not adding HTTP headers when traffic was sent to the real server

Environment:

Product: LoadMaster

Version: 7.2.54.3

Platform: Any

Application: Any

Question/Problem Description:

WAF was removing HTTP headers. When WAF was turned off, headers were added back in.

Steps to Reproduce:
  • Have a user send POST data using "Transfer-Encoding: Chunked" header
  • Turn on WAF on the LoadMaster
Error Message:  
Defect Number: LM-939
Enhancement Number:  
Cause: The issue was 'Chunked' data was being sent by the client using HTTP POST.  That kind of data along with WAF being turned on caused headers to either be removed or not added in from the LoadMaster to the real server (RS).
Resolution: This will be fixed in an upcoming firmware patch.
Workaround:
  • Created 2 content rules under Rules & Checking > Content Rules.  Click "Create New" in the top right.
    • First Rule
      • Rule Type: Content Matching
      • Header Field: Transfer-Encoding
      • Match String: /chunked/
      • Set Flag If Matched: 1
      • Ignore Case: Checked
      • This rule will be added to the VIP in question under Advanced properties > HTTP selection Rules.
    • Second Rule
      • Rule Type: Add Header

      • Header Field to be Added: Connection

      • Value of Header Field to be Added: Close

      • Perform if Flag Set:  1

      • This rule will be added to the VIP in question under Advanced properties > HTTP Header Modifications.  Add as a "Response Rule"

The purpose of the work around is to close the connection before the next request.

Notes:

More information on HTTP POST Chunked data and the "Transfer-Encoding" header.

Transfer-Encoding - HTTP | MDN (mozilla.org)


Comments