Cannot apply HTTP/2 policy to Cloud SWG via UPE
search cancel

Cannot apply HTTP/2 policy to Cloud SWG via UPE


Article ID: 259115


Updated On:


Cloud Secure Web Gateway - Cloud SWG


Users accessing service-now via Cloud SWG reporting issues auto-populating ServiceNow forms.

Troubleshooting identified an issue with HTTP/2 protocol via Cloud SWG, which ServiceNow does not support.

Cloud SWG admin tried to disable HTTP/2 protocol for that domain using following CPL within UPE:

<proxy HTTP2>
condition=HTTP2_Bypass http2.client.accept(no) http2.server.request(no)

define condition HTTP2_Bypass
end condition HTTP2_Bypass

Pushing the policy change resulted in following error being reported (when applied to 'WSS' or 'Appliance' - works when only applying it to 'Appliance' which does not impact Cloud SWG)

Can HTTP/2 policies be applied to Cloud SWG via UPE?


Management Center/UPE.

Cloud SWG.

HTTP/2 based Applications.


Cloud SWG policy compiler does not support HTTP/2 policies.


Cloud SWG Engineering aware of issue, and the support for HTTP/2 policies within UPE for Cloud SWG will be available mid February 2023.

As a workaround, please contact the Cloud SWG support team to add the required changes to the back end until such time as fix available.

Note that any HTTP/2 domains that are failing may also be worked around adding an SSL inspection bypass for the problem domain(s).