ASM allowed URLs with header based content
hello community, I would like to get clear my ideas about the allowed urls in the ASM ... I do have an ASM policy which is still in staging but I have found some violations in JSON posts that are false positive and I want to stop them;
this is the content of the HTTP request that I want to allow:
So, I have created an allowed URL with a header based content profile to allow it and stop receiving illegal requests for this reason... this is the content of the allowed url:
but I am not sure if this config. will help me since I already see an HTTP wildcard in this policy (it's there by default and has no header content profiles there except the default one)
The suggestions made by the ASM does not help me, I would like to go in the option to permit this posts when the system finds the /web/dataset/* path in the URL ... and stop receiving violations when posts like this happen. Am I following the correct approach to resolve this problem?
thanks a lot. Alex.