Some links from Google Adwords keeps getting stuck in the IDS, i.e:
Variable: REQUEST.gclid | Value: CIeoy-fB3q7CFVx0mAodxW--CA |*Impact: 3 | Tags: xss, csrf, id
Right now I'm just ignoring everything in the gclid parameter to get around this, since I don't use the gclid value myself, only my GA script uses it. Is this security wise a valid way to handle that request? Or how do you handle adwords links?