HTTP/S Proxy Header Injection/Manipulation
A technique that doesn't appear to be very well known with Watchguard's is the ability to strip HTTP Response headers from a server that is published to the world when using a Server Based Proxy Rule.
The benefits of this being to remove server versions and other identifying markers before the client receives the packets. If possible I would like to see this further enhanced with the ability to modify or inject headers into the response.
e.g We have a web application that doesn't allow manipulation of response headers due to the way it was created. If we could inject headers into it from the Firewall level we could implement things such as:
Content-Security-Policy: default-src 'self' 'unsafe-inline' 'unsafe-eval'
Hopefully this is something that could be considered, if it is at all technically possible?