This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Web Server protection strips empty parameters in REST calls

I have a REST webservice protected/exposed through UTM WAF. The webservice URL is sometimes called with empty parameters, however WAF seems to "optimize" the URL and consolidate the empty parameters, for example the original call

is stripped to



The same webservice exposed through my old TMG Server works flawless and receives empty param2 and 3 for example in the above call.


I tried to disable URL hardening, disable filtering, disable all threat filter categories however with no success.

Any idea how to tell the UTM to leave my URL alone ?

This thread was automatically locked due to age.