0

Getting 403 Forbidden on GET method when Firewall is enable. I have a requirement to search data on Web API, where I am passing input string as parameter in GET method. E.g. search "how are you" or "task 124". It is giving me the searched results.

However I am getting 403 when I search for any integer value with delete or truncate keyword. E.g. "122 delete" or "23 truncate".

  1. I turned off the Firewall and it is working fine. Also there are some rules to bypass this in Firewall, however I don't have to go with this approach.
  2. I tried HTML-encoding but it is also not accepted by the firewall, so tried searching "122%20delete", replace space with encoded value bit no luck.
  3. I tried calling the method with POST call instead of GET and it worked however I want to keep the method as GET only :)

I need to search data with integer value with delete keyword. Any help would be appreciated.

Matt
  • 23
  • 1
  • 4
  • This is not to perform delete operation. I need to search data with delete keyword in API which is a GET method. – Matt Aug 09 '19 at 12:28

1 Answers1

0

Your saying to perform the Delete operation in the Get request. Which is not correct as perm RESTFul. we have to use the delete verb.

Ravi Kumar Kasim
  • 184
  • 9
  • Not I don't have to perform delete operation. I need to search data with delete keyword in GET method. Hope I clarified properly. – Matt Aug 09 '19 at 12:27