Enhancement to HTTP header processing

Currently, we only support a limited set of http header processing documented in https://docs.cloud.f5.com/docs/how-to/advanced-security/configure-http-header-processing. Customer require further details of those information which currently available in the logs but not in the header processing.


This request is to extend the limited set of header that can be injected to provides more visibility to the backend system - customer require information send as part of header for ssl_protocol and ssl_cipher which shown in logs as tls_cipher_suite.

Information will be send as a header to upstream for furhter security analysis and decision.


"tls_cipher_suite": "TLSv1_3/TLS_AES_128_GCM_SHA256",


  • Foo Bang CHAN
  • Jun 13 2024
  • Attach files
  • DeVon Jarvis commented
    10 Sep 04:18pm

    We need a way to see what TLS Protocol and Cipher Suite are being used so we can help users upgrade. We used iRule on F5 VE, but don't see any way to detect what users are using in XC. If this header would be logged, then we could identify in XC.

  • Foo Bang CHAN commented
    13 Jun 01:50am

    Information will be send as a header to upstream for further security analysis and decision.