search cancel

"400 Bad request" error accessing via WSS


Article ID: 242909


Updated On:


Cloud Secure Web Gateway - Cloud SWG


Users accessing internet sites successfully via WSS using WSS agent

The site seems to be an exception. Although allowed based on the classification (newsgroup/forums), users accessing the site see following "400 Bad request" error:

When we enable a TLS bypass for domain, everything works fine.



Release : 1.0

Component : Default-Sym

Cause does not handle X-Forwarded-For with random IPv6 addresses 


A number of options exist:

1. Go to HTTP header modification policy and use IPv4 instead of randomised IPv6 addresses for this domain

2. Disable TLS inspection so that WSS does not add the X-Forwarded-For HTTP header to outbound requests

3. If using UPE to administer WSS, remove or modify the X-Forwarded-For HTTP header value to any IPv4 address 

4. Contact WSS Support to add a custom policy to disable addition of the X-Forwarded-For HTTP header for domain.

Additional Information

Can replicate the same behaviour without any WSS by inserting the X-Forwarded-For HTTP header into request destined for

[email protected] /cygdrive/c/Users/nc736209/Documents/WSS/Policies/UPE/Neil-Test-Env
_$ curl -H 'X-BlueCoat-Via: 2ee2420f3b36a442' -H 'X-Forwarded-For: 2001:0DB8:073a:67cf:4440:e4b0:43d4:9de3' http://www.reddit.com_

<?xml version="1.0" encoding="utf-8"?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
<title>400 Bad Request</title>
<h1>Error 400 Bad Request</h1>
<p>Bad Request</p>
<h3>Error 54113</h3>
<p>Details: cache-iad-kiad7000057-IAD 1652869295 1258259296</p>
<p>Varnish cache server</p>

[email protected] /cygdrive/c/Users/nc736209/Documents/WSS/Policies/UPE/Neil-Test-Env
$ curl -H 'X-BlueCoat-Via: 2ee2420f3b36a442'