How to send SQL or HTML data over HTTP without triggering WAF rules?

I’m working on securing an application that receives SQL and HTML-like information that is actually proprietry formulas in some cases, and parts of XML documents in other cases.

So the WAF thinks some HTTP requests are SQL or HTML injection attacks while they actually aren’t.

So how can I send these formulas and XML informaiton without triggering those WAF rules? I tried encoding the data but that didn’t work.