Mohanad
Nov 11, 2024

Base64 decoding issue (JSON request)

Hello Everyone,

I'm facing an issue with Base64 decoding on F5 ASM.

The request body looks like this:

Original message before encoding:

{ "data": { "name":"khaled", "Age":"30", "Car":"BMW", "Conutry":"Egypt", "City":"Cairo" } }

 

The developer encoded only the value part of the key:

{"data":"IHsKICAgICAgICAibmFtZSI6ICJraGFsZWQiLAogICAgICAgICJBZ2UiOiAiMzAiLAogICAgICAgICJDYXIiOiAiQk1XIiwKICAgICAgICAiQ29udXRyeSI6ICJFZ3lwdCIsCiAgICAgICAgIkNpdHkiOiAiQ2Fpcm8iCiAgICB9"}

 

I created a JSON profile, and base64 decoding is required:

When F5 ASM decodes the request body, the value part is decoded correctly but "data" becomes garbage, because ASM doesn't know that only part of the request is encoded, not the whole request body. How can I fix this behavior?

After decoding:

uZ {
        "name": "khaled",
        "Age": "30",
        "Car": "BMW",
        "Conutry": "Egypt",
        "City": "Cairo"
    }

 

 

I searched for a fix for this issue, and I found this: Securing Base64-Encoded Parameters. I added the "data" parameter, then:

 

  1. For the Parameter Value Type setting, select User-input value.
  2. On the Data Type tab, for the Data Type setting, select either Alpha-Numeric or File Upload.
  3. Select the Base64 Decoding check box if you want the system to apply base64 decoding to values for this parameter.

 

When I changed the profile to disable decoding on the request body, a lot of violations were triggered (meta chars):

{ } " :

{"data":"IHsKICAgICAgICAibmFtZSI6ICJraGFsZWQiLAogICAgICAgICJBZ2UiOiAiMzAiLAogICAgICAgICJDYXIiOiAiQk1XIiwKICAgICAgICAiQ29udXRyeSI6ICJFZ3lwdCIsCiAgICAgICAgIkNpdHkiOiAiQ2Fpcm8iCiAgICB9"}
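
Where the "uZ" prefix in the decoded output comes from, next to decoding only the value of "data": an added Python example, not part of the original post and not F5 code. It assumes a lenient base64 decoder that skips characters outside the alphabet (Python's default, not confirmed ASM behaviour); the sample body and the function names are constructed for illustration.

```python
import base64
import binascii
import json

# Constructed sample mirroring the post: only the value of "data" is base64.
INNER = {"name": "khaled", "Age": "30", "Car": "BMW",
         "Conutry": "Egypt", "City": "Cairo"}
BODY = json.dumps(
    {"data": base64.b64encode(json.dumps(INNER).encode()).decode()}
)


def decode_whole_body(body: str) -> bytes:
    """Lenient base64 over the entire body.

    Characters outside the base64 alphabet ({ } " : and spaces) are dropped,
    so the key name "data" is treated as four base64 characters and decodes
    to the bytes 0x75 0xAB 0x5A ("u", a non-printable byte, "Z").
    """
    return base64.b64decode(body, validate=False)


def decode_fields(body: str, encoded_keys=("data",)) -> dict:
    """Parse the outer JSON first, then decode only the named values.

    Each listed value is strictly base64-decoded and parsed as JSON, so the
    inner document can be inspected as structured data.
    """
    outer = json.loads(body)
    result = {}
    for key, value in outer.items():
        if key not in encoded_keys:
            result[key] = value
            continue
        try:
            raw = base64.b64decode(value, validate=True)
            result[key] = json.loads(raw.decode("utf-8"))
        except (binascii.Error, TypeError, ValueError) as exc:
            raise ValueError(f"{key}: value is not base64-encoded JSON") from exc
    return result


if __name__ == "__main__":
    print(decode_whole_body(BODY)[:12])   # key name decoded as garbage bytes
    print(decode_fields(BODY))            # inner JSON recovered intact
```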

 

 
