Forum Discussion
Hi tatmotiv,
👍 for the nickname. Works for me in 16.1.
Following settings:
Just checking the obvious... Did you apply the policy after making those changes.
General hint, stay away from headers with underscores. They are uncommon and some web servers don't play well with them.
KR
Daniel
Hi Daniel - nice to see you again!
(we met before - you gave an AWAF training at my company last year, remember?)
Of course, I applied the policy with all of those settings being active, so that's not the problem. I did some additional tests in the meantime with quotation marks after colleagues pointed me here, but things got even weirder then. Now, I have included two headers with underscores im my request (for testing purposes).
One can be masked in logging, but only when I configure the header name BOTH with AND without quotation marks (either of this alone would not work).
The other cannot be masked at all in any constellation (quoted only, unquoted only, both quoted/unquoted).
I presume a bug here and probably will open a support case for this.