Forum Discussion
Jiri_Rosenmayer
Jun 13, 2019Altostratus
Hi,
see this article
https://support.f5.com/csp/article/K11930
When you enable the CSRF protection feature, the system inserts custom JavaScript into the response pages of protected web applications.
In my experience this is often a problem and I try to avoid using any ASM feature which inserts JS
In your case probably, when the ASM inserts the JS, the IE can still render the page but chrome cannot. Check where in the response the ASM inserts the JS. You can solve this either by turning off the CSRF or update your application so that the ASM inserts to JS to "better" location in the HTTP response. So that even chrome can render the page.
Hope it helps
Jiri