Part of Marketo Engage's platform involves encoding tracking email links so the platform can accurately associate email activity with records. However, the method that makes this work involves sending a 302 redirect link without any additional HTTP header content; it defaults to Cloudflare's standard instead. This makes it complicated for technical solution providers to determine safe 302 redirects from Adobe and more problematic unencoded 302 redirect links.
Would it be possible to put a custom header for technology providers to check against? I'm thinking something as plain as "x-generated-by: adobe-marketo-engage" or similar; this is also straightforward to implement on the CF side.
.png)