I have a series of AJAX calls that use post vars with JSON encoding, and they are all getting caught in the IDS. I'm wondering why, and if there is a place that I should be filtering these out. They seem to all be legitimate submissions.