Forum Discussion
Should data that may contain OWASP triggers be base64 encoded?
I have an Application Gateway with a WAF that is blocking simple passwords that contain a ^ What is the best-practice for allowing special characters in a password field so the WAF does not see t...
RexBloom we had same experience and we fixed it.
There are two quick option to fix it:
- Encrypt request body to base64,
- Create an Exclusion rules
For us point #1 was the best solution.
- Did you encrypt the whole body or only the password field?
