http headers - Is it possible that some firewall modify 'Accept-Encoding'? Though it seems okay in Fiddler -

i added rule on apache http compression. rule surely okay fiddler displays response not gzipped.(i tested curl localhost, response gzipped)

i suspect firewall modifies request header's accept-encoding different. though fiddler displays request header includes accept-encoding.

i mean if fiddler says accept-encoding this..., it's not. want make sure before contact firewall vendor.

and.. curiosity, how accept-encoding security?

some firewalls , security software mangle or remove outbound accept-encoding header in order prevent server using http compression compress response. firewalls/security software prefer not have decompress responses before scanning (either because don't know how decompress, or because decompression takes cpu time).

fiddler shows http headers before they've left computer , before they've been mangled firewall or upstream gateway.

you can see outbound headers http request; see https://bayden.com/echo2.aspx , https://bayden.com/echo2.aspx see headers sent client. note https-request headers might intact if http-request headers mangled, because intermediaries cannot interfere https traffic.