Forum Discussion
samstep
Jan 16, 2019Cirrocumulus
-
If you have:
Content-Disposition: form-data; name="_app_generated_name" then yes "_app_generated_name" is a parameter and is being correctly recognised
-
If POST parameter value contains bits of JavaScript ASM will of course block it as this looks like a code injection attack. There might be some legit reason for it, if this is how your application works (for example if it is a CMS/Content Management System then users with editor privileges can upload content, however regular users/visitors of the website must not be able to do that, otherwise hackers can upload any code they want and hack into the website.