You can now more precisely control your HTTP DLP policies by specifying whether to scan the request or response body, helping to reduce false positives and target specific data flows.
In the Gateway HTTP policy builder, you will find a new optional selector called Body Phase. This allows you to define the direction of traffic the DLP engine will inspect:
- Request Body: Scans data sent from a user’s machine to an upstream service. This is ideal for monitoring data uploads, form submissions, or other user-initiated data exfiltration attempts.
- Response Body: Scans data sent to a user’s machine from an upstream service. Use this to inspect file downloads and website content for sensitive data.
For example, consider a policy that blocks Social Security Numbers (SSNs). Previously, this policy might trigger when a user visits a website that contains example SSNs in its content (the response body). Now, by setting the Body Phase to Request Body, the policy will only trigger if the user attempts to upload or submit an SSN, ignoring the content of the web page itself.
All policies without this selector will continue to scan both request and response bodies to ensure continued protection.
For more information, refer to Gateway HTTP policy selectors.
Source: Cloudflare
Latest Posts
- Find your files quickly and easily on Word, Excel and PowerPoint App home pages [MC1249435]
- Retirement of the Semi-Annual Enterprise Channel option in the Office Deployment Service [MC1249427]
- Microsoft Purview compliance portal: Data Security Investigations introduces new soft purge mitigation action [MC1249429]
- Microsoft Teams: Live transcription in Teams Rooms on Android [MC1249432]
![Microsoft Purview | eDiscovery – Metadata field enhancements in process reporting [MC1162273]](https://mwpro.co.uk/wp-content/uploads/2025/06/pexels-scottwebb-614227-96x96.webp "Microsoft Purview | eDiscovery - Metadata field enhancements in process reporting [MC1162273] 7")