Base64 encoding is a convenient encoding method that uses a compact presentation, and is relatively unreadable to the casual observer. Many applications apply base64 encoding to binary data, for inclusion in URLs or in hidden web form fields. Unfortunately, it is also possible to mask application attacks in base64-encoded data. To provide better security for applications that use base64 encoding, Application Security Manager™ can decode user-input parameter values that are base64-encoded.
|Global||The parameter can occur anywhere and is not associated with a specific URL or flow.|
|URL||The parameter occurs in the specific URL that you provide.|
|Flow||The parameter occurs in the specific entry point URL or referrer URL that you provide.|