Support of HTTP/2 by Edge SWG (formerly ProxySG) Appliances
search cancel

Support of HTTP/2 by Edge SWG (formerly ProxySG) Appliances


Article ID: 174021


Updated On:


Advanced Secure Gateway Software - ASG ProxySG Software - SGOS


HTTP/2 (originally named HTTP/2.0) is a major revision of the HTTP network protocol used by the World Wide Web. The standardization effort was supported by Chrome, Opera, Firefox, Internet Explorer 11, Safari, Amazon Silk, and Edge browsers. Most major browsers had added HTTP/2 support by the end of 2015.


Edge SWG (formerly ProxySG) devices support HTTP/2 starting with and later. Handling of HTTP/2 for prior releases is as follows:

  • Edge SWG (formerly ProxySG) running SGOS 6.7 supports HTTP/2 via downgrading to HTTP/1.1.
  • Edge SWG (formerly ProxySG) running SGOS or later supports HTTP/2 via downgrading to HTTP/1.1.
  • Edge SWG (formerly ProxySG) running SGOS or later supports HTTP/2 via downgrading to HTTP/1.1.

Note: For any issues experienced with HTTP/2 on SGOS releases that do not support it, you can apply a workaround at the browser level or tunnel the requests in question (see below).



Disable HTTP/2 protocol in your browsers to allow the Edge SWG (formerly ProxySG) appliance to load the webpage.

  • Chrome:
    • Create a shortcut with the following target in order to disable the HTTP2 flag (location might change depending on the OS):

"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --disable-http2

  • Firefox:
    • In the address bar, enter: about:config
    • In the list of commands, find network.http.spdy.enabled.http2
    • Set network.http.spdy.enabled.http2  to false
  • Internet Explorer:
    • Select Tools > Internet Options > Advanced.
    • Under HTTP settings, clear the Use HTTP/2 check box.

For explicit Edge SWG deployments, protocol detection can be used for HTTPS connections so that the HTTP traffic is tunneled through the appliance:

     <proxy> detect_protocol(none)

Additional Information

HTTP/2 offers improved performance due to its compression of HTTP headers, and multiplexing multiple requests and responses over a single connection. The feature is enabled by default, without the need for additional configuration or policy, and includes the following:

  • HTTP/2-enabled browsers use HTTP/2 when going through the proxy
  • Clients requests use HTTP/2 when making requests to the proxy
  • Proxy uses HTTP/2 when sending requests to upstream hosts
  • Existing policy for inspecting HTTP traffic and sending it to an ICAP service also apply to HTTP/2 requests and

You can change the above default behavior by configuring settings and policy via the appliance CLI.

Configuring HTTP/2 Settings and Policy
To configure HTTP/2 on the appliance, use the new #(config) http2 commands. Refer to the Command Line Interface Reference for details.