allow WAF exclusion rules to match request headers
The current WAF exclusion rule allows rules to be applied based on the domain, path and method. These are all aspects of the http request. It would be great if this could be extended to the http request headers. For example, only performing the ex...