Loading

Data 360: 403 Forbidden Errors when Ingesting Special Characters via Ingestion API

게시 일자: Apr 28, 2026
상세 설명

Salesforce Data 360 enforces security through WAF rules that inspect incoming payloads.
Certain patterns using backticks (`) resemble SQL injection or malicious input, causing the request to be blocked with a 403 response.

Scenarios That Trigger 403 Errors

Rule 1: Backtick Value with Path/Flag/SQL Keyword + Logical Operator

A backtick-enclosed value that:

  • Starts with / or -, or
  • Contains SQL keywords like LIMIT or HAVING,
  • Followed by a logical operator (AND / OR)

Examples:

  • `/foo` and
  • `--foo` and
  • `limit` and
  • `having` or

Rule 2: Multiple SQL DML Keywords in Backticks

Payload contains two or more SQL DML keywords wrapped in backticks.
Keywords include: SELECT, INSERT, UPDATE, CREATE
Examples:

  • `select` `select`
  • `update` foo `insert`

Rule 3: Backtick-Wrapped AND and OR Together

Payload includes both AND and OR (case-insensitive), especially within backticks.
Examples:

  • `AND` OR
  • `and` `or`
  • `AND` blah OR

Rule 4: Backtick Value Starting with HTML-Encoded <

Backtick-enclosed value begins with &lt; (HTML-encoded <).
Examples:

  • `&lt;`
  • &lt;foo&gt;
솔루션

HTTP 403 errors during ingestion is caused by WAF rules detecting potentially unsafe patterns involving backticks. This is an expected behaviour.
If backticks are required for business logic, consider restructuring the payload to avoid triggering WAF rules.

Knowledge 기사 번호

005321432

 
로드 중
Salesforce Help | Article