Forum Discussion

draco
Jan 22, 2018

POST body data parameters - F5 ASM

Hi

I was deploying F5 ASM for an Oracle ERP application. In one of the URLs, I see the below:

/OA_HTML/RF.jsp ->

POST /OA_HTML/RF.jsp?function_id=ATTACHREST&security_group_id=0&isReadOnlyCustomPopup=Y HTTP/1.1
Accept: /
OAFunc: FND_DIALOG_PAGE
Content-Type: application/xml
Referer: ..
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Host: xxxxx
Content-Length: 374
Connection: Keep-Alive
Cache-Control: no-cache
Cookie: oracle.uix=0^^GMT+3:00^p; BIGipServerAstad_EBS_New_Production.app~Astad_EBS_New_Production_pool=285673482.18975.0000; treemenu1=none open; TS0138831c=01a978a1118e5f142c8bdedb210759f1efd1cbb0e7858f7defc2b66744ee059917758af593252e6894b3d7d77ccecbdf6b0b1d8714d82627e6751b69c4203d9c2a3a03ebce; JSESSIONID=sKBjhfTGJx2vgPgChKLf0NRg4QS6MKD1nzrbn2vTRB6sFZHstT59!-1288392341; SEN=PxNOVkXYr6XhV5sczV6xUMxBEs; TS01e2cc2e=01a978a11159660c4ab4659f98b13ba4e89cb6d882858f7defc2b66744ee059917758af5936cc77f9eb059c70455c2863c6aecfab53595c2cdd64bf1594b170cc87d60a700
X-Forwarded-For: yyyy

oracle.apps.ap.invoice.request.negotiation.server.NegotiationAMgetListOfFilesAttachment::Attach_0_::ATTACH_/oracle/apps/ap/invoice/request/negotiation/webui/InvPoReqNegoPG.Attachment::yy.xx::516040::true::true::true::true::ATTACHMENT_LINK_06N

F5 ASM detects the whole as a parameter and detects the param tag vulnerability. I am cross-checking with the application as well. But there are many param tags in several other POST body data. How do I add an exception for this and other tags for this URL, and remove this attack signature from blocking? The param fields differ for other sessions and other tabs, but I believe the URL is the same. Do you think I should add a wildcard parameter for this URL and remove the attack signature inspection for that?
