Users usually interact with an application server or a website deployed by the means of their web browser, by navigating through web pages, filling forms, and clicking on links and buttons. These user activities are translated by the web browser client into HTTP request messages, to which the application server or website reacts by sending back response messages containing further web pages. As such, an application server or website receives a wide variety of requests from users. Configuring a policy for an application based on the variety of types of requests is challenging.