"400 Bad request" error accessing reddit.com via Cloud SWG(WSS)
search cancel

"400 Bad request" error accessing reddit.com via Cloud SWG(WSS)


Article ID: 242909


Updated On:


Cloud Secure Web Gateway - Cloud SWG


Users accessing internet sites successfully via Cloud SWG(WSS) using WSS agent

The reddit.com site seems to be an exception. Although allowed based on the classification (newsgroup/forums), users accessing the site see following "400 Bad request" error:

When enabling a TLS bypass for reddit.com domain the error is not seen. 


Cloud SWG with anonymized IPv6 addresses configured


Reddit.com does not handle X-Forwarded-For with random IPv6 addresses 


A number of options exist:

  1. Go to HTTP header modification policy and use IPv4 instead of Anonymized IPv6 addresses. This is a global setting.
  2. Disable TLS inspection so that WSS does not add the X-Forwarded-For HTTP header to outbound requests
  3. If using UPE to administer WSS, remove or modify the X-Forwarded-For HTTP header value to any IPv4 address
  4. Contact WSS Support to add a custom policy to disable addition of the X-Forwarded-For HTTP header for reddit.com domain.

Additional Information

Can replicate the same behavior without any WSS by inserting the X-Forwarded-For HTTP header into request destined for reddit.com

_$ curl -H 'X-BlueCoat-Via: 2ee2420f3b36a442' -H 'X-Forwarded-For: 2001:0DB8:073a:67cf:4440:e4b0:43d4:9de3' https://www.reddit.com_

<?xml version="1.0" encoding="utf-8"?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
<title>400 Bad Request</title>
<h1>Error 400 Bad Request</h1>
<p>Bad Request</p>
<h3>Error 54113</h3>
<p>Details: cache-iad-kiad7000057-IAD 1652869295 1258259296</p>
<p>Varnish cache server</p>

$ curl -H 'X-BlueCoat-Via: 2ee2420f3b36a442' http://www.reddit.com