I am using policy fragment where I am adding security assertions. This fragment policy is included in main API service policy. In this fragment, I am using "Request: Protect against code injection [URL query string]" assertion and getting below error message.
"Unable to protect against code injection attacks - the request has already been routed"
Same kind of error I am getting for another assertion "Request: Protect against SQL attack [URL path]"
"Unable to protect against SQL attacks - the request has already been routed".
Regards,
Sumeet