Wrong value in the 'Accept-Encoding' header

[brunexgeek]

When the client sends an HTTP request to a server, it includes the Accept-Encoding header to express its preference for content compression, but it seems compression is not supported. Some versions/installations of FortiNet server might support compression and start sending compressed content and cause errors (e.g. auth_get_config).

In src/http.c we have the following: "Accept-Encoding: gzip, deflate, br\r\n"

To fix this, the client should set Accept-Encoding to identity. "Accept-Encoding: identity\r\n"

[DimitriPapadopoulos]

I guess it doesn't work any better with Accept-Encoding: gzip, deflate, br, identity, does it?

If so, we'll have to force Accept-Encoding: identity which admittedly is the right thing to do in this case.

[brunexgeek]

Yes, since the client does not support compression, we should only use identity to ensure that no compression will be used. In my case, our server was not configured with compression, so it would fall back to identity. But the moment compression became available, I started getting errors in auth_get_config.