We are trying to solve one security defects on TYK apigateway level i.e
if we request API using postman https://xyz.com/pdd/xxx/d4/Location?city=xyz<script>alert(1)</script>
we are still getting the response for the records do we have any security configuration on TYK gateway level so that we can blacklist <script>alert(1)</script> ?