You might be able to create an allowed URL exception in the policy for uploaded JSON content by creating an allowed URL and then not inspecting body content. Try this:
- Go to Security ›› Application Security : URLs : Allowed URLs : Allowed HTTP URLs and create/add the URL that is associated with the uploaded JSON data. This is will be your allowed URL.
- Change the view to Advanced, then uncheck the Staging checkbox.
- Click Header-Based Content Profile
- Request Header Name: Content-Type
- Request Header Value: json/text--the value appropriate for your app
- Request body handling: Do nothing.
Does that help?