Kibana cookies contain "--" characters in the SID which causes the user requests to get blocked in the azure WAF

Hi Community,

We are facing issue while using kibana using with URL,

Whenever the user log-in to kibana with the RBAs user creds the user gets 403 error from the kibana servers. As we debugged the issue we came to know that the user requests are getting blocked at the Azure WAF level because the cookie SID contains "--" characters in it.

The message WAF states is the "SQL comment sequence detected".

Is there any possible way the we can make changes in kibana to not generate cookies having "--" characters in it.

Or any possible configuration that has the following option to disable cookies.
Kibana verions is 8.7.0 and ES 8.7.0 .
License : basic
Thanks in advance

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.