diff --git a/server/src/main/resources/password/pwm/AppProperty.properties b/server/src/main/resources/password/pwm/AppProperty.properties
index 4d7bb7143..1094b0520 100644
--- a/server/src/main/resources/password/pwm/AppProperty.properties
+++ b/server/src/main/resources/password/pwm/AppProperty.properties
@@ -307,7 +307,7 @@ security.http.stripHeaderRegex=\\n|\\r|(?ism)%0A|%0D
 security.http.performCsrfHeaderChecks=false
 security.http.promiscuousEnable=false
 security.http.permittedUserPhotoMimeTypes=image/gif,image/png,image/jpeg
-security.http.permittedUrlPathCharacters=^[a-zA-Z0-9-_]*$
+security.http.permittedUrlPathCharacters=^[a-zA-Z0-9-_=\\s]*$
 security.http.config.cspHeader=default-src 'self'; object-src 'none'; img-src 'self' data:; style-src 'self' 'unsafe-inline'; script-src 'self' 'unsafe-eval' 'unsafe-inline'; report-uri @PwmContextPath@/public/command/cspReport
 security.httpsServer.selfCert.futureSeconds=63113904
 security.httpsServer.selfCert.alg=RSA