Loading

Data 360: 403 Forbidden Errors when Ingesting Special Characters via Ingestion API

Veröffentlichungsdatum: Apr 28, 2026
Beschreibung

Salesforce Data 360 enforces security through WAF rules that inspect incoming payloads.
Certain patterns using backticks (`) resemble SQL injection or malicious input, causing the request to be blocked with a 403 response.

Scenarios That Trigger 403 Errors

Rule 1: Backtick Value with Path/Flag/SQL Keyword + Logical Operator

A backtick-enclosed value that:

  • Starts with / or -, or
  • Contains SQL keywords like LIMIT or HAVING,
  • Followed by a logical operator (AND / OR)

Examples:

  • `/foo` and
  • `--foo` and
  • `limit` and
  • `having` or

Rule 2: Multiple SQL DML Keywords in Backticks

Payload contains two or more SQL DML keywords wrapped in backticks.
Keywords include: SELECT, INSERT, UPDATE, CREATE
Examples:

  • `select` `select`
  • `update` foo `insert`

Rule 3: Backtick-Wrapped AND and OR Together

Payload includes both AND and OR (case-insensitive), especially within backticks.
Examples:

  • `AND` OR
  • `and` `or`
  • `AND` blah OR

Rule 4: Backtick Value Starting with HTML-Encoded <

Backtick-enclosed value begins with &lt; (HTML-encoded <).
Examples:

  • `&lt;`
  • &lt;foo&gt;
Lösung

HTTP 403 errors during ingestion is caused by WAF rules detecting potentially unsafe patterns involving backticks. This is an expected behaviour.
If backticks are required for business logic, consider restructuring the payload to avoid triggering WAF rules.

Nummer des Knowledge-Artikels

005321432

 
Laden
Salesforce Help | Article