Curl table does not permit the inclusion of custom headers

[FritzX6]

Feature request

What new feature do you want?

Add new column header to curl table.

How is this new feature useful?

This column would permit the passing of custom headers which would enable the curl table to return the responses from endpoints which require a specific header. An example of which is Google's GCP metadata server:
https://cloud.google.com/compute/docs/storing-retrieving-metadata

---

Screenshot of required header documentation:

How can this be implemented?

I do not know the manner in which this would be added.

[directionless]

I think we should have a google instance metadata table (or possible a generic cloud metadata table)

I'm much less sure about adding headers to curl. It has security implications we'd need to think through. (Oh look, someone wrote a blog post https://www.tenchisecurity.com/blog/abusing-the-osquery-curl-table-for-pivoting-into-cloud-environments)

[theopolis]

I agree, we should create a table specific for this.

[directionless]

For future search purposes, the header in question is Metadata-Flavour: Google

[pratiklotia]

Was a new table format ever created for this? Is there an issue tracking this? gcp_instance_metadata

[mwarkentin]

I opened #7924 for a dedicated table.