> any malicious or accidental "weirdness" would be turned into proper EOD sequences
Yeah, that's the result in this case. In other cases, not allowing malicious weirdness to pass may prevent a whole host of vulnerabilities from being able to reach your system at all.
Trade-offs. In this case, it happened to make you vulnerable. Which is better may only be clear with hindsight and experience, but I can see their reasoning.
However, their job being to provide additional security, by not fixing the issue (they can leave other "cleaning" rules in place, just this one needs to be forwarded either literally or rejected) they're imo defeating the purpose of their product insofar as I understand
Yeah, that's the result in this case. In other cases, not allowing malicious weirdness to pass may prevent a whole host of vulnerabilities from being able to reach your system at all.
Trade-offs. In this case, it happened to make you vulnerable. Which is better may only be clear with hindsight and experience, but I can see their reasoning.
However, their job being to provide additional security, by not fixing the issue (they can leave other "cleaning" rules in place, just this one needs to be forwarded either literally or rejected) they're imo defeating the purpose of their product insofar as I understand