diff --git a/gateway/src/main/java/com/bonus/gateway/filter/XssFilter.java b/gateway/src/main/java/com/bonus/gateway/filter/XssFilter.java
index b617655..6cbdee1 100644
--- a/gateway/src/main/java/com/bonus/gateway/filter/XssFilter.java
+++ b/gateway/src/main/java/com/bonus/gateway/filter/XssFilter.java
@@ -82,7 +82,9 @@ public class XssFilter implements GlobalFilter, Ordered
 DataBufferUtils.release(join);
 String bodyStr = new String(content, StandardCharsets.UTF_8);
 try {
- if (bodyStr.contains("username") || bodyStr.contains("password")){
+ if (bodyStr.contains("username") || bodyStr.contains("password") || bodyStr.contains("userName")
+ || bodyStr.contains("idNumber") || bodyStr.contains("orgId") || bodyStr.contains("phone") ||
+ bodyStr.contains("phonenumber")){
 }else {
 bodyStr = java.net.URLDecoder.decode(bodyStr, StandardCharsets.UTF_8.name());
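Review bot: The widened `if` exempts a request by substring-matching the whole raw body, so a body that merely contains the text `phone` or `orgId` anywhere, in a value as well as a key, now skips the `else` branch; what that branch guards beyond the URL-decode lies outside the hunk. Every added token enlarges the set of requests that bypass this step of the filter, so the exemption would stay narrower if it were decided from parsed field names or from the request path rather than from `bodyStr.contains(...)`. `bodyStr.contains("phonenumber")` is redundant because `contains("phone")` already matches it. The empty `if` body also hides the intent; inverting it, e.g. `if (!hasSensitiveField) { bodyStr = java.net.URLDecoder.decode(bodyStr, StandardCharsets.UTF_8.name()); }` with a comment stating why these fields must not be decoded, would make the bypass explicit. The enclosing method starts and ends outside the hunk.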