OWA File Upload URIs for WAF Bypass

Hi All,

We are using the OWA 2016 WAF application template (negative security model) and would like to know:

The list of OWA URIs used for file uploads

The recommended URIs to bypass or relax WAF inspection for uploads

Our intention is to disable file upload/payload inspection and signature enforcement only for those URIs, while retaining HTTP compliance checks, as file scanning is handled via ICAP.

Any guidance would be appreciated.

Thanks.