diff --git a/src/main/angular/src/app/api/schedule/Schedule.ts b/src/main/angular/src/app/api/schedule/Schedule.ts
index f873a65..fcc9499 100644
--- a/src/main/angular/src/app/api/schedule/Schedule.ts
+++ b/src/main/angular/src/app/api/schedule/Schedule.ts
@@ -1,4 +1,4 @@
-import {validateBooleanNotNull, validateListOrEmpty, validateNumberNotNull, validateStringNotEmptyNotNull} from "../validators";
+import {validateBooleanNotNull, validateListOrEmpty, validateNumberNotNull, validateStringNotEmptyNotNull, validateStringNullToEmpty} from "../validators";
 import {ScheduleEntry} from "./entry/ScheduleEntry";
 
 export class Schedule {
@@ -19,8 +19,8 @@ export class Schedule {
       validateNumberNotNull(json['id']),
       validateBooleanNotNull(json['enabled']),
       validateStringNotEmptyNotNull(json['name']),
-      validateStringNotEmptyNotNull(json['propertyName']),
-      validateStringNotEmptyNotNull(json['propertyType']),
+      validateStringNullToEmpty(json['propertyName']),
+      validateStringNullToEmpty(json['propertyType']),
       validateListOrEmpty(json['entries'], ScheduleEntry.fromJson, ScheduleEntry.compare),
     );
   }
diff --git a/src/main/angular/src/app/api/validators.ts b/src/main/angular/src/app/api/validators.ts
index c5f2189..993eb11 100644
--- a/src/main/angular/src/app/api/validators.ts
+++ b/src/main/angular/src/app/api/validators.ts
@@ -27,6 +27,20 @@ export function validateNumberAllowNull(value: any): number | null {
   return validateNumberNotNull(value);
 }
 
+export function validateStringEmptyToNull(value: any): string | null {
+  if (value === null || value === undefined || value === '') {
+    return null;
+  }
+  return validateStringNotEmptyNotNull(value);
+}
+
+export function validateStringNullToEmpty(value: any): string {
+  if (value === null || value === undefined || value === '') {
+    return '';
+  }
+  return validateStringNotEmptyNotNull(value);
+}
+
 export function validateStringNotEmptyNotNull(value: any): string {
   if (!(typeof value === 'string')) {
     throw new Error("Not a string: " + value);
@@ -37,13 +51,6 @@ export function validateStringNotEmptyNotNull(value: any): string {
   return value;
 }
 
-export function validateStringNotEmpty_AllowNull(value: any): string | null {
-  if (value === null || value === undefined || value === '') {
-    return null;
-  }
-  return validateStringNotEmptyNotNull(value);
-}
-
 function validateDateNotNull(value: any): Date {
   const number: number = Date.parse(value);
   if (isNaN(number)) {
diff --git a/src/main/java/de/ph87/homeautomation/web/WebConfig.java b/src/main/java/de/ph87/homeautomation/web/WebConfig.java
index 7fec59b..7b77166 100644
--- a/src/main/java/de/ph87/homeautomation/web/WebConfig.java
+++ b/src/main/java/de/ph87/homeautomation/web/WebConfig.java
@@ -6,10 +6,13 @@ import org.springframework.context.annotation.Configuration;
 import org.springframework.core.io.ClassPathResource;
 import org.springframework.core.io.Resource;
 import org.springframework.security.config.annotation.web.builders.HttpSecurity;
+import org.springframework.security.config.annotation.web.builders.WebSecurity;
 import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
 import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
 import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
 import org.springframework.security.crypto.password.PasswordEncoder;
+import org.springframework.security.web.firewall.HttpFirewall;
+import org.springframework.security.web.firewall.StrictHttpFirewall;
 import org.springframework.web.servlet.config.annotation.CorsRegistry;
 import org.springframework.web.servlet.config.annotation.ResourceHandlerRegistry;
 import org.springframework.web.servlet.config.annotation.WebMvcConfigurer;
@@ -29,11 +32,24 @@ public class WebConfig extends WebSecurityConfigurerAdapter implements WebMvcCon
     http.authorizeRequests().anyRequest().permitAll();
   }
 
+  @Override
+  public void configure(WebSecurity web) {
+    web.httpFirewall(allowUrlEncodedSlashHttpFirewall());
+  }
+
   @Bean
   public PasswordEncoder passwordEncoder() {
     return new BCryptPasswordEncoder();
   }
 
+  @Bean
+  public HttpFirewall allowUrlEncodedSlashHttpFirewall() {
+    final StrictHttpFirewall firewall = new StrictHttpFirewall();
+    firewall.setAllowUrlEncodedSlash(true);
+    firewall.setAllowSemicolon(true);
+    return firewall;
+  }
+
   @Override
   public void addCorsMappings(CorsRegistry registry) {
     registry.addMapping("/**").allowCredentials(true).allowedOrigins("http://localhost:4200").allowedMethods("*");