Requests not getting processed containing special characters
search cancel

Requests not getting processed containing special characters


Article ID: 185585


Updated On:


CA API Gateway API SECURITY CA API Gateway Precision API Monitoring Module for API Gateway (Layer 7) CA API Gateway Enterprise Service Manager (Layer 7) STARTER PACK-7 CA Microgateway


We are facing an issue in our Production and lower environment where the requests are not getting processed if they contain any special characters.

As of now we have seen issue with '$' and '&'. For handling the issue we are escaping the characters by using "Evaluate Regular Expression" assertion.

Can you please provide the list of special characters that causes the issue and also if there is any other way to resolve the issue so that we don't have to updated our every API's individually.



Release : 9.2



When constructing HTML/XML/JSON document using input directly from the user its essential to escape HTML special characters to avoid insertion attacks. 
Gateway must check the validity of all data inputs except those specially identified by the customer's business needs.


If the data is sent/received via URL, then the users can use Encode/Decode Data Assertion.  What if the destination is BODY and the format is XML, then you cannot encode the data using URL encoding rules so you need to use regular expression.  In order to bypass any special characters, you need to add them in your policy using regex expressions as depicted below ..