Guest

Preview Tool

Cisco Bug: CSCuq57188 - ASA returns wrong content-length for cut-thru proxy authentication page

Last Modified

Nov 27, 2020

Products (1)

  • Cisco Adaptive Security Appliance (ASA) Software

Known Affected Releases

8.4(7.15)

Description (partial)

Symptom:
When an ASA is configured for authentication proxy with 'aaa authentication secure-http-client', some browsers may not fully display the authentication page returned by the ASA. This happens because the content-length value in the HTTP response header is incorrect compared to the actual amount of content that is returned.

Although the ASA returns an incorrect content-length regardless of the browser being used, only some browsers will fail to display the login page correctly. Other browsers may display the page and not adversely affect the operation of cut-through proxy.

Conditions:
This issue only occurs for HTTPS-based authentication for the ASA's cut-through proxy feature. Other forms of authentication, such as Telnet and FTP, are not affected.
Bug details contain sensitive information and therefore require a Cisco.com account to be viewed.

Bug Details Include

  • Full Description (including symptoms, conditions and workarounds)
  • Status
  • Severity
  • Known Fixed Releases
  • Related Community Discussions
  • Number of Related Support Cases
Bug information is viewable for customers and partners who have a service contract. Registered users can view up to 200 bugs per month without a service contract.