1 files changed, 5 insertions, 0 deletions

diff --git a/doc/configuration_parameters.md b/doc/configuration_parameters.md
index faa02f7b3..8a9cc67c3 100644
--- a/doc/configuration_parameters.md
+++ b/doc/configuration_parameters.md
@@ -28,6 +28,11 @@ List of the supported configuration options:
 | NULL         | "lru.$CACHE_NAME.size"                    | See description | 0         | 16777215  | Set the size (in number of elements) of the specified LRU cache (0 = the cache is disabled). The keyword "$CACHE_NAME" is a placeholder for the cache name and the possible values are: ookla, bittorrent, stun, tls_cert, mining, msteams, fpc_dns. The default value is "32768" for the bittorrent cache and "1024" for all the other caches |
 | NULL         | "lru.$CACHE_NAME.ttl"                     | See description | 0         | 16777215  | Set the TTL (in seconds) for the elements of the specified LRU cache (0 = the elements never explicitly expire). The keyword "$CACHE_NAME" is a placeholder for the cache name and the possible values are: ookla, bittorrent, stun, tls_cert, mining, msteams, fpc_dns. The default value is "120" for the ookla cache, "60" for the msteams and fpc_dns caches and "0" for all the other caches |
 | NULL         | "lru.$CACHE_NAME.scope"                   | 0             | 0         | 1         | Set the scope of the specified LRU cache (0 = the cache is local, 1 = the cache is global). The keyword "$CACHE_NAME" is a placeholder for the cache name and the possible values are: ookla, bittorrent, stun, tls_cert, mining, msteams, fpc_dns. The global scope con be set only if a global context has been initialized |
+| "http"       | "metadata.request_content_type"           | enable        | NULL      | NULL      | Enable/disable export of Request Content Type header for HTTP flows. |
+| "http"       | "metadata.referer"                        | enable        | NULL      | NULL      | Enable/disable export of Referer header for HTTP flows. |
+| "http"       | "metadata.host"                           | enable        | NULL      | NULL      | Enable/disable export of Host header for HTTP flows. |
+| "http"       | "metadata.username"                       | enable        | NULL      | NULL      | Enable/disable export of (cleartext) username metadata for HTTP flows. |
+| "http"       | "metadata.password"                       | enable        | NULL      | NULL      | Enable/disable export of (cleartext) password metadata for HTTP flows. |
 | "tls"        | "certificate_expiration_threshold"        | 30            | 0         | 365       | The threshold (in days) used to trigger the `NDPI_TLS_CERTIFICATE_ABOUT_TO_EXPIRE` flow risk |
 | "tls"        | "application_blocks_tracking"             | disable       | NULL      | NULL      | Enable/disable processing of TLS Application Blocks (post handshake) to extract statistical information about the flow |
 | "tls  "      | "dpi.heuristics",                         | 0x00          | 0x00      | 0x07      | Enable/disable some heuristics to detect encrypted/obfuscated/proxied TLS flows. The value is a bitmask. Values: 0x0 = disabled; 0x01 = enable basic detection (i.e. encrypted TLS without any encapsulation); 0x02 = enable detection over TLS (i.e. TLS-in-TLS); 0x04 = enable detection over HTTP (i.e. TLS-over-WebSocket). If enabled, some false positives are expected. See: https://www.usenix.org/conference/usenixsecurity24/presentation/xue-fingerprinting |