Is there better WAF rule exclusions on the roadmap for Kona? I'm hoping they're coming soon, the current exclusion rules are very basic. I'm trying to exclude a specific query parameter for a url at the moment, but it seems I can't do that. The query parameter is "p" which I can exclude from a rule, but it excludes it everywhere, not just for a specific url. I don't know whether the query parameter "p" is vulnerable in other places, so doing a global exclude could be dangerous.
It would be great to see some proper boolean matches, i.e. (url = /test.html AND query param = q) OR (query param = g)... It would be much safer and more powerful.