AnsweredAssumed Answered

Allow special character in URL query string

Question asked by Tattwa on Mar 13, 2018
Latest reply on Mar 14, 2018 by slage

I have requirement and looking for appropriate solution.

Requirement : Allow request having special character (|[%7C]) in query string e.g. http://<<hostname>>//category/results?Ns=sortPrice_AEO_INTL%7C1

 

Analysis  : "Protect Against Code Injection Assertion" which provides basic threat protection against attacks on web applications by blocking malicious code injection. 

 

I am thinking to use "Encode/Decode Data" assertion before "Protect Against Code Injection Assertion" . But don't know impact with respect to threat protection.

 

Is there any way to configure special character which will be acceptable by  "Protect Against Code Injection Assertion"?

 

Note :- Gateway version : 9.2

Here is the my existing threat protection configuration:  

 

 

Outcomes