
Emil_T (Altostratus)
Aug 18, 2024

repeated parameter name

I see the following event: repeated parameter name array[].
The F5 recognizes "array[]" as a parameter repeated multiple times, but in fact it is an array that gets a different value each time it appears.
This is an example where the array name is "typeCodes[]":
GET /AgApi/ProceduresDocuments?typeCodes[]=2&typeCodes[]=1&searchQuery=bbb+aaa&pageNumber=0&pageSize=5&fieldSort=distributionDate&directionSort=false HTTP/1.1

 

How should I handle it?

  • From an HTTP perspective, repeating query parameters isn't illegal, so BIG-IP doesn't disallow it as a proxy.

    From a Web App perspective, the behavior when handling multiple repeated query parameters isn't defined in any explicit way.

    If this repeating-parameter behavior is breaking stuff and is caused by the app itself, you'll need to report the defect to the web app vendor.

    If this repeating-parameter behavior is breaking stuff and is caused by middleware (BIG-IP, iRules, or whatever), you'll have to figure out exactly where it's happening and use some kind of workaround.

    • Emil_T (Altostratus)

      This repeating-parameter behavior is not breaking anything. In fact, according to the developers, it is a legitimate array that gets a different value each time it appears in the URL parameter. But the F5 recognizes this "array[]" as a parameter repeated multiple times. It seems like the F5 detects a false positive.

      • Lucas_Thompson (Employee)

        OK. This makes sense. 

        In an ordinary situation, having multiple copies of a query parameter would be problematic because most web app frameworks parse them out to the app in the form of a list of (key:value) pairs, so the app itself cannot usually detect if the HTTP query parameters are duplicated because it would only "see" one of them. It sounds like your app is actually designed to operate this way.

        Since in your situation this is OK, you should disable this signature.
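
Added example, not part of the original thread and not F5 code: a small Python triage helper that shows how first-wins, last-wins and keep-all parsers each see the request from the question, and separates array-style repeats from repeated scalar names. It assumes the application uses the `name[]` suffix for arrays, as the developers in the thread say; `AMBIGUOUS` and the function names are constructed for illustration.

```python
from collections import Counter
from urllib.parse import urlsplit, parse_qsl

# Request target copied from the original post.
TARGET = ("/AgApi/ProceduresDocuments?typeCodes[]=2&typeCodes[]=1"
          "&searchQuery=bbb+aaa&pageNumber=0&pageSize=5"
          "&fieldSort=distributionDate&directionSort=false")

# Constructed counter-example: a scalar parameter sent twice.
AMBIGUOUS = "/AgApi/ProceduresDocuments?pageSize=5&pageSize=5000"


def query_pairs(target):
    """Return decoded (name, value) pairs in the order they appear."""
    return parse_qsl(urlsplit(target).query, keep_blank_values=True)


def views(target):
    """Show how three common parsing strategies see the same query string."""
    first, last, multi = {}, {}, {}
    for name, value in query_pairs(target):
        first.setdefault(name, value)             # first occurrence wins
        last[name] = value                        # last occurrence wins
        multi.setdefault(name, []).append(value)  # every value is kept
    return {"first": first, "last": last, "all": multi}


def classify_repeats(target):
    """Split repeated names into array-style (name[]) and scalar repeats."""
    counts = Counter(name for name, _ in query_pairs(target))
    repeated = [name for name, count in counts.items() if count > 1]
    return {
        # Assumption: a trailing [] marks an intentional array in this app.
        "array_style": sorted(n for n in repeated if n.endswith("[]")),
        # Repeated scalar names are the ambiguous case worth reviewing.
        "scalar": sorted(n for n in repeated if not n.endswith("[]")),
    }


if __name__ == "__main__":
    for label, target in (("post", TARGET), ("constructed", AMBIGUOUS)):
        print(label, classify_repeats(target), views(target)["all"])
```

Run over requests that triggered the violation, the `scalar` list is the part to review before disabling the check: those are the names where a first-wins and a last-wins parser would disagree on the value.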